Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/329183?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "type": "apk", "namespace": "alpine", "name": "firefox", "version": "74.0-r0", "qualifiers": { "arch": "s390x", "distroversion": "v3.18", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "75.0-r0", "latest_non_vulnerable_version": "119.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1189?format=api", "vulnerability_id": "VCID-255v-7p1y-n7b9", "summary": "When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6808.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6808.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.5025", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50311", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50319", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6808" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829342", "reference_id": "1829342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829342" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6808" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-255v-7p1y-n7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1158?format=api", "vulnerability_id": "VCID-5bmj-hcut-dkgx", "summary": "The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6811.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6811.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6811", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78638", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78602", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.7863", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812202", "reference_id": "1812202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812202" }, { "reference_url": "https://security.archlinux.org/ASA-202003-11", "reference_id": "ASA-202003-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-11" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://security.archlinux.org/AVG-1115", "reference_id": "AVG-1115", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1115" }, { "reference_url": "https://security.gentoo.org/glsa/202003-02", "reference_id": "GLSA-202003-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-02" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09", "reference_id": "mfsa2020-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10", "reference_id": "mfsa2020-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0815", "reference_id": "RHSA-2020:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0816", "reference_id": "RHSA-2020:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0819", "reference_id": "RHSA-2020:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0820", "reference_id": "RHSA-2020:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0905", "reference_id": "RHSA-2020:0905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0914", "reference_id": "RHSA-2020:0914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0918", "reference_id": "RHSA-2020:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0919", "reference_id": "RHSA-2020:0919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0919" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6811" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bmj-hcut-dkgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1155?format=api", "vulnerability_id": "VCID-br37-unbc-m7e9", "summary": "When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6805.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64398", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64345", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64389", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812199", "reference_id": "1812199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812199" }, { "reference_url": "https://security.archlinux.org/ASA-202003-11", "reference_id": "ASA-202003-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-11" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://security.archlinux.org/AVG-1115", "reference_id": "AVG-1115", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1115" }, { "reference_url": "https://security.gentoo.org/glsa/202003-02", "reference_id": "GLSA-202003-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-02" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09", "reference_id": "mfsa2020-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10", "reference_id": "mfsa2020-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0815", "reference_id": "RHSA-2020:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0816", "reference_id": "RHSA-2020:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0819", "reference_id": "RHSA-2020:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0820", "reference_id": "RHSA-2020:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0905", "reference_id": "RHSA-2020:0905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0914", "reference_id": "RHSA-2020:0914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0918", "reference_id": "RHSA-2020:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0919", "reference_id": "RHSA-2020:0919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0919" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6805" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-br37-unbc-m7e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1156?format=api", "vulnerability_id": "VCID-ceek-g87f-m3bn", "summary": "By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6806.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02595", "scoring_system": "epss", "scoring_elements": "0.85906", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02595", "scoring_system": "epss", "scoring_elements": "0.85881", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02595", "scoring_system": "epss", "scoring_elements": "0.85903", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812200", "reference_id": "1812200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812200" }, { "reference_url": "https://security.archlinux.org/ASA-202003-11", "reference_id": "ASA-202003-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-11" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://security.archlinux.org/AVG-1115", "reference_id": "AVG-1115", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1115" }, { "reference_url": "https://security.gentoo.org/glsa/202003-02", "reference_id": "GLSA-202003-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-02" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09", "reference_id": "mfsa2020-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10", "reference_id": "mfsa2020-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0815", "reference_id": "RHSA-2020:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0816", "reference_id": "RHSA-2020:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0819", "reference_id": "RHSA-2020:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0820", "reference_id": "RHSA-2020:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0905", "reference_id": "RHSA-2020:0905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0914", "reference_id": "RHSA-2020:0914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0918", "reference_id": "RHSA-2020:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0919", "reference_id": "RHSA-2020:0919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0919" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6806" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ceek-g87f-m3bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1193?format=api", "vulnerability_id": "VCID-cy13-vjpy-43a3", "summary": "Mozilla developers Jason Kratzer, Boris Zbarsky, Tyson Smith, and Alexandru Michis reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6815.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6815.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6815", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00451", "scoring_system": "epss", "scoring_elements": "0.6404", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00451", "scoring_system": "epss", "scoring_elements": "0.6399", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00451", "scoring_system": "epss", "scoring_elements": "0.64032", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6815" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829346", "reference_id": "1829346", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829346" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/ASA-202004-12", "reference_id": "ASA-202004-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-12" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://security.archlinux.org/AVG-1132", "reference_id": "AVG-1132", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1132" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6815" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cy13-vjpy-43a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1190?format=api", "vulnerability_id": "VCID-kz5w-qhha-7fab", "summary": "When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6809.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57695", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57747", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57755", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829343", "reference_id": "1829343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829343" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6809" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kz5w-qhha-7fab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1161?format=api", "vulnerability_id": "VCID-uds1-gpbh-vfbh", "summary": "Mozilla developers and community members Byron Campen, Jason Kratzer, and Christian Holler reported memory safety bugs present in Firefox 73 and Firefox ESR 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6814.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6814.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6814", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74985", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.74952", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.7498", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812205", "reference_id": "1812205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812205" }, { "reference_url": "https://security.archlinux.org/ASA-202003-11", "reference_id": "ASA-202003-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-11" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://security.archlinux.org/AVG-1115", "reference_id": "AVG-1115", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1115" }, { "reference_url": "https://security.gentoo.org/glsa/202003-02", "reference_id": "GLSA-202003-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-02" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09", "reference_id": "mfsa2020-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-09" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10", "reference_id": "mfsa2020-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0815", "reference_id": "RHSA-2020:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0816", "reference_id": "RHSA-2020:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0819", "reference_id": "RHSA-2020:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0820", "reference_id": "RHSA-2020:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0905", "reference_id": "RHSA-2020:0905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0914", "reference_id": "RHSA-2020:0914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0918", "reference_id": "RHSA-2020:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0919", "reference_id": "RHSA-2020:0919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0919" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6814" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uds1-gpbh-vfbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1192?format=api", "vulnerability_id": "VCID-ustm-bhxu-hydy", "summary": "When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6813.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6813.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28761", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28833", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.288", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6813" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829345", "reference_id": "1829345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829345" }, { "reference_url": "https://security.archlinux.org/ASA-202003-8", "reference_id": "ASA-202003-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-8" }, { "reference_url": "https://security.archlinux.org/AVG-1112", "reference_id": "AVG-1112", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1112" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08", "reference_id": "mfsa2020-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-08" }, { "reference_url": "https://usn.ubuntu.com/4299-1/", "reference_id": "USN-4299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/329183?format=api", "purl": "pkg:apk/alpine/firefox@74.0-r0?arch=s390x&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2020-6813" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ustm-bhxu-hydy" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@74.0-r0%3Farch=s390x&distroversion=v3.18&reponame=community" }