Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community

Type apk

Namespace alpine

Name firefox

Version 76.0-r0

Qualifiers

arch	s390x
distroversion	v3.23
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 77.0-r0

Latest_non_vulnerable_version 119.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-58am-dpx9-3udz

vulnerability_id VCID-58am-dpx9-3udz

summary The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.*Note: this issue only affects Firefox on Windows operating systems.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12389

reference_id

reference_type

scores

value	0.00669
scoring_system	epss
scoring_elements	0.71708
published_at	2026-06-04T12:55:00Z

value	0.00669
scoring_system	epss
scoring_elements	0.71749
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12389

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1831945
reference_id	1831945
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1831945

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_id

mfsa2020-17

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12389

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58am-dpx9-3udz

url VCID-9n38-4jdq-4ff9

vulnerability_id VCID-9n38-4jdq-4ff9

summary Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12390.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12390.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12390

reference_id

reference_type

scores

value	0.01463
scoring_system	epss
scoring_elements	0.81212
published_at	2026-06-04T12:55:00Z

value	0.01463
scoring_system	epss
scoring_elements	0.8124
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12390

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1834686
reference_id	1834686
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1834686

reference_url	https://security.archlinux.org/ASA-202005-3
reference_id	ASA-202005-3
reference_type
scores
url	https://security.archlinux.org/ASA-202005-3

reference_url

https://security.archlinux.org/AVG-1148

reference_id

AVG-1148

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1148

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url	https://access.redhat.com/errata/RHSA-2020:3557
reference_id	RHSA-2020:3557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3557

reference_url	https://usn.ubuntu.com/4353-1/
reference_id	USN-4353-1
reference_type
scores
url	https://usn.ubuntu.com/4353-1/

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12390

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9n38-4jdq-4ff9

url VCID-aqum-wvxv-wbca

vulnerability_id VCID-aqum-wvxv-wbca

summary A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12394.json

reference_id

reference_type

scores

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12394.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12394

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33696
published_at	2026-06-04T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33797
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12394

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1834688
reference_id	1834688
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1834688

reference_url	https://security.archlinux.org/ASA-202005-3
reference_id	ASA-202005-3
reference_type
scores
url	https://security.archlinux.org/ASA-202005-3

reference_url

https://security.archlinux.org/AVG-1148

reference_id

AVG-1148

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1148

reference_url	https://security.gentoo.org/glsa/202005-04
reference_id	GLSA-202005-04
reference_type
scores
url	https://security.gentoo.org/glsa/202005-04

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url	https://usn.ubuntu.com/4353-1/
reference_id	USN-4353-1
reference_type
scores
url	https://usn.ubuntu.com/4353-1/

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12394

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqum-wvxv-wbca

url VCID-dw1s-5ws6-1bec

vulnerability_id VCID-dw1s-5ws6-1bec

summary The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution.*Note: this issue only affects Firefox on Windows operating systems.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12393

reference_id

reference_type

scores

value	0.00467
scoring_system	epss
scoring_elements	0.64784
published_at	2026-06-04T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64827
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12393

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1831946
reference_id	1831946
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1831946

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_id

mfsa2020-17

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

reference_id

mfsa2020-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12393

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dw1s-5ws6-1bec

url VCID-hh39-s6em-nffh

vulnerability_id VCID-hh39-s6em-nffh

summary Mozilla developers and community members Frederik Braun, Andrew McCreight, C.M.Chang, and Dan Minor reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12396.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12396

reference_id

reference_type

scores

value	0.00596
scoring_system	epss
scoring_elements	0.69707
published_at	2026-06-04T12:55:00Z

value	0.00596
scoring_system	epss
scoring_elements	0.69747
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12396

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1834689
reference_id	1834689
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1834689

reference_url	https://security.archlinux.org/ASA-202005-3
reference_id	ASA-202005-3
reference_type
scores
url	https://security.archlinux.org/ASA-202005-3

reference_url

https://security.archlinux.org/AVG-1148

reference_id

AVG-1148

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1148

reference_url	https://security.gentoo.org/glsa/202005-04
reference_id	GLSA-202005-04
reference_type
scores
url	https://security.gentoo.org/glsa/202005-04

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url	https://usn.ubuntu.com/4353-1/
reference_id	USN-4353-1
reference_type
scores
url	https://usn.ubuntu.com/4353-1/

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12396

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hh39-s6em-nffh

url VCID-nzqk-7c5d-8ye8

vulnerability_id VCID-nzqk-7c5d-8ye8

summary Mozilla developers and community members Alexandru Michis, Jason Kratzer, philipp, Ted Campbell, Bas Schouten, André Bargull, and Karl Tomlinson reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12395.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12395.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12395

reference_id

reference_type

scores

value	0.01268
scoring_system	epss
scoring_elements	0.79834
published_at	2026-06-05T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79809
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12395

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1831765
reference_id	1831765
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1831765

reference_url	https://security.archlinux.org/ASA-202005-3
reference_id	ASA-202005-3
reference_type
scores
url	https://security.archlinux.org/ASA-202005-3

reference_url	https://security.archlinux.org/ASA-202005-7
reference_id	ASA-202005-7
reference_type
scores
url	https://security.archlinux.org/ASA-202005-7

reference_url

https://security.archlinux.org/AVG-1148

reference_id

AVG-1148

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1148

reference_url

https://security.archlinux.org/AVG-1155

reference_id

AVG-1155

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1155

reference_url	https://security.gentoo.org/glsa/202005-03
reference_id	GLSA-202005-03
reference_type
scores
url	https://security.gentoo.org/glsa/202005-03

reference_url	https://security.gentoo.org/glsa/202005-04
reference_id	GLSA-202005-04
reference_type
scores
url	https://security.gentoo.org/glsa/202005-04

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_id

mfsa2020-17

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

reference_id

mfsa2020-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

reference_url	https://access.redhat.com/errata/RHSA-2020:2031
reference_id	RHSA-2020:2031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2031

reference_url	https://access.redhat.com/errata/RHSA-2020:2032
reference_id	RHSA-2020:2032
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2032

reference_url	https://access.redhat.com/errata/RHSA-2020:2033
reference_id	RHSA-2020:2033
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2033

reference_url	https://access.redhat.com/errata/RHSA-2020:2036
reference_id	RHSA-2020:2036
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2036

reference_url	https://access.redhat.com/errata/RHSA-2020:2037
reference_id	RHSA-2020:2037
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2037

reference_url	https://access.redhat.com/errata/RHSA-2020:2046
reference_id	RHSA-2020:2046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2046

reference_url	https://access.redhat.com/errata/RHSA-2020:2047
reference_id	RHSA-2020:2047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2047

reference_url	https://access.redhat.com/errata/RHSA-2020:2048
reference_id	RHSA-2020:2048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2048

reference_url	https://access.redhat.com/errata/RHSA-2020:2049
reference_id	RHSA-2020:2049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2049

reference_url	https://access.redhat.com/errata/RHSA-2020:2050
reference_id	RHSA-2020:2050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2050

reference_url	https://usn.ubuntu.com/4353-1/
reference_id	USN-4353-1
reference_type
scores
url	https://usn.ubuntu.com/4353-1/

reference_url	https://usn.ubuntu.com/4373-1/
reference_id	USN-4373-1
reference_type
scores
url	https://usn.ubuntu.com/4373-1/

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12395

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzqk-7c5d-8ye8

url VCID-y1xs-qvkc-2fcv

vulnerability_id VCID-y1xs-qvkc-2fcv

summary A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12387.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12387

reference_id

reference_type

scores

value	0.01742
scoring_system	epss
scoring_elements	0.82892
published_at	2026-06-05T12:55:00Z

value	0.01742
scoring_system	epss
scoring_elements	0.82866
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1831761
reference_id	1831761
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1831761

reference_url	https://security.archlinux.org/ASA-202005-3
reference_id	ASA-202005-3
reference_type
scores
url	https://security.archlinux.org/ASA-202005-3

reference_url	https://security.archlinux.org/ASA-202005-7
reference_id	ASA-202005-7
reference_type
scores
url	https://security.archlinux.org/ASA-202005-7

reference_url

https://security.archlinux.org/AVG-1148

reference_id

AVG-1148

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1148

reference_url

https://security.archlinux.org/AVG-1155

reference_id

AVG-1155

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1155

reference_url	https://security.gentoo.org/glsa/202005-03
reference_id	GLSA-202005-03
reference_type
scores
url	https://security.gentoo.org/glsa/202005-03

reference_url	https://security.gentoo.org/glsa/202005-04
reference_id	GLSA-202005-04
reference_type
scores
url	https://security.gentoo.org/glsa/202005-04

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_id

mfsa2020-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_id

mfsa2020-17

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

reference_id

mfsa2020-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

reference_url	https://access.redhat.com/errata/RHSA-2020:2031
reference_id	RHSA-2020:2031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2031

reference_url	https://access.redhat.com/errata/RHSA-2020:2032
reference_id	RHSA-2020:2032
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2032

reference_url	https://access.redhat.com/errata/RHSA-2020:2033
reference_id	RHSA-2020:2033
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2033

reference_url	https://access.redhat.com/errata/RHSA-2020:2036
reference_id	RHSA-2020:2036
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2036

reference_url	https://access.redhat.com/errata/RHSA-2020:2037
reference_id	RHSA-2020:2037
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2037

reference_url	https://access.redhat.com/errata/RHSA-2020:2046
reference_id	RHSA-2020:2046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2046

reference_url	https://access.redhat.com/errata/RHSA-2020:2047
reference_id	RHSA-2020:2047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2047

reference_url	https://access.redhat.com/errata/RHSA-2020:2048
reference_id	RHSA-2020:2048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2048

reference_url	https://access.redhat.com/errata/RHSA-2020:2049
reference_id	RHSA-2020:2049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2049

reference_url	https://access.redhat.com/errata/RHSA-2020:2050
reference_id	RHSA-2020:2050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2050

reference_url	https://usn.ubuntu.com/4353-1/
reference_id	USN-4353-1
reference_type
scores
url	https://usn.ubuntu.com/4353-1/

reference_url	https://usn.ubuntu.com/4373-1/
reference_id	USN-4373-1
reference_type
scores
url	https://usn.ubuntu.com/4373-1/

fixed_packages

url	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/firefox@76.0-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

aliases CVE-2020-12387

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y1xs-qvkc-2fcv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@76.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community

Package Instance