Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community

Type apk

Namespace alpine

Name webkit2gtk

Version 2.28.3-r0

Qualifiers

arch	x86
distroversion	v3.20
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.28.4-r0

Latest_non_vulnerable_version 2.36.5-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1jna-a5yv-mffu

vulnerability_id VCID-1jna-a5yv-mffu

summary The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13753.json

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13753.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13753

reference_id

reference_type

scores

value	0.0217
scoring_system	epss
scoring_elements	0.84632
published_at	2026-06-04T12:55:00Z

value	0.0217
scoring_system	epss
scoring_elements	0.84656
published_at	2026-06-05T12:55:00Z

value	0.0217
scoring_system	epss
scoring_elements	0.84643
published_at	2026-06-08T12:55:00Z

value	0.0217
scoring_system	epss
scoring_elements	0.8466
published_at	2026-06-06T12:55:00Z

value	0.0217
scoring_system	epss
scoring_elements	0.84655
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879570
reference_id	1879570
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879570

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

reference_url	https://usn.ubuntu.com/4648-1/
reference_id	USN-4648-1
reference_type
scores
url	https://usn.ubuntu.com/4648-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-13753

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jna-a5yv-mffu

url VCID-2xcy-1sny-s3d9

vulnerability_id VCID-2xcy-1sny-s3d9

summary A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9850.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9850.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9850

reference_id

reference_type

scores

value	0.82826
scoring_system	epss
scoring_elements	0.99263
published_at	2026-06-04T12:55:00Z

value	0.82826
scoring_system	epss
scoring_elements	0.99264
published_at	2026-06-07T12:55:00Z

value	0.82826
scoring_system	epss
scoring_elements	0.99265
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9850

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879568
reference_id	1879568
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879568

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9850

risk_score 10.0

exploitability 2.0

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xcy-1sny-s3d9

url VCID-aysp-ejdx-ybg2

vulnerability_id VCID-aysp-ejdx-ybg2

summary A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9802.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9802.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9802

reference_id

reference_type

scores

value	0.41488
scoring_system	epss
scoring_elements	0.97483
published_at	2026-06-04T12:55:00Z

value	0.41488
scoring_system	epss
scoring_elements	0.9749
published_at	2026-06-08T12:55:00Z

value	0.41488
scoring_system	epss
scoring_elements	0.97489
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879545
reference_id	1879545
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879545

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url

https://support.apple.com/HT211168

reference_id

HT211168

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211168

reference_url

https://support.apple.com/HT211171

reference_id

HT211171

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211171

reference_url

https://support.apple.com/HT211175

reference_id

HT211175

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211175

reference_url

https://support.apple.com/HT211177

reference_id

HT211177

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211177

reference_url

https://support.apple.com/HT211178

reference_id

HT211178

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211178

reference_url

https://support.apple.com/HT211179

reference_id

HT211179

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211179

reference_url

https://support.apple.com/HT211181

reference_id

HT211181

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:41Z/

url

https://support.apple.com/HT211181

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9802

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aysp-ejdx-ybg2

url VCID-dnvm-5j6k-sqhq

vulnerability_id VCID-dnvm-5j6k-sqhq

summary A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9803.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9803.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9803

reference_id

reference_type

scores

value	0.00754
scoring_system	epss
scoring_elements	0.73581
published_at	2026-06-04T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73617
published_at	2026-06-05T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73594
published_at	2026-06-08T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73622
published_at	2026-06-06T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73608
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879557
reference_id	1879557
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879557

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9803

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dnvm-5j6k-sqhq

url VCID-f53y-8yth-jubh

vulnerability_id VCID-f53y-8yth-jubh

summary A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9805.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9805.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9805

reference_id

reference_type

scores

value	0.00818
scoring_system	epss
scoring_elements	0.74717
published_at	2026-06-04T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74748
published_at	2026-06-05T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74724
published_at	2026-06-08T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74753
published_at	2026-06-06T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74741
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879559
reference_id	1879559
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879559

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9805

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f53y-8yth-jubh

url VCID-n4ay-5q9n-jfhh

vulnerability_id VCID-n4ay-5q9n-jfhh

summary A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9807.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9807.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9807

reference_id

reference_type

scores

value	0.00674
scoring_system	epss
scoring_elements	0.71826
published_at	2026-06-04T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71865
published_at	2026-06-05T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71836
published_at	2026-06-08T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71872
published_at	2026-06-06T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.7185
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879564
reference_id	1879564
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879564

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9807

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n4ay-5q9n-jfhh

url VCID-n97d-fm28-v3bf

vulnerability_id VCID-n97d-fm28-v3bf

summary An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9952.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9952.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9952

reference_id

reference_type

scores

value	0.00625
scoring_system	epss
scoring_elements	0.70555
published_at	2026-06-04T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70597
published_at	2026-06-05T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70577
published_at	2026-06-08T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70607
published_at	2026-06-06T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70589
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9894
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9894

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9895
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9895

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9915
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9915

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1901219
reference_id	1901219
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1901219

reference_url	https://security.gentoo.org/glsa/202012-10
reference_id	GLSA-202012-10
reference_type
scores
url	https://security.gentoo.org/glsa/202012-10

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4648-1/
reference_id	USN-4648-1
reference_type
scores
url	https://usn.ubuntu.com/4648-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9952

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n97d-fm28-v3bf

url VCID-zgn5-ukc9-7kfb

vulnerability_id VCID-zgn5-ukc9-7kfb

summary An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9843.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9843.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9843

reference_id

reference_type

scores

value	0.00818
scoring_system	epss
scoring_elements	0.74717
published_at	2026-06-04T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74748
published_at	2026-06-05T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74724
published_at	2026-06-08T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74753
published_at	2026-06-06T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74741
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879566
reference_id	1879566
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879566

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9843

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgn5-ukc9-7kfb

url VCID-zn5v-9rpy-mbfj

vulnerability_id VCID-zn5v-9rpy-mbfj

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9806.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9806.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9806

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.63319
published_at	2026-06-04T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63363
published_at	2026-06-05T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63346
published_at	2026-06-08T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6337
published_at	2026-06-06T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63359
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879563
reference_id	1879563
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879563

reference_url	https://security.gentoo.org/glsa/202007-11
reference_id	GLSA-202007-11
reference_type
scores
url	https://security.gentoo.org/glsa/202007-11

reference_url	https://access.redhat.com/errata/RHSA-2020:4451
reference_id	RHSA-2020:4451
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4451

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://usn.ubuntu.com/4422-1/
reference_id	USN-4422-1
reference_type
scores
url	https://usn.ubuntu.com/4422-1/

fixed_packages

url	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/webkit2gtk@2.28.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

aliases CVE-2020-9806

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zn5v-9rpy-mbfj

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk@2.28.3-r0%3Farch=x86&distroversion=v3.20&reponame=community

Package Instance