Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community

Type apk

Namespace alpine

Name thunderbird

Version 68.5.0-r0

Qualifiers

arch	riscv64
distroversion	v3.22
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 68.6.0-r0

Latest_non_vulnerable_version 128.5.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5hf5-4r5b-y3ay

vulnerability_id VCID-5hf5-4r5b-y3ay

summary By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact.*Note: this issue only occurs on Mac OSX. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6797

reference_id

reference_type

scores

value	0.0061
scoring_system	epss
scoring_elements	0.70178
published_at	2026-06-05T12:55:00Z

value	0.0061
scoring_system	epss
scoring_elements	0.70157
published_at	2026-06-08T12:55:00Z

value	0.0061
scoring_system	epss
scoring_elements	0.70169
published_at	2026-06-07T12:55:00Z

value	0.0061
scoring_system	epss
scoring_elements	0.70136
published_at	2026-06-04T12:55:00Z

value	0.0061
scoring_system	epss
scoring_elements	0.70186
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6797

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801917
reference_id	1801917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801917

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-05

reference_id

mfsa2020-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-06

reference_id

mfsa2020-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6797

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hf5-4r5b-y3ay

url VCID-68pj-1q11-6uf9

vulnerability_id VCID-68pj-1q11-6uf9

summary When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6793.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6793

reference_id

reference_type

scores

value	0.00798
scoring_system	epss
scoring_elements	0.7438
published_at	2026-06-08T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74409
published_at	2026-06-06T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74397
published_at	2026-06-07T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74372
published_at	2026-06-04T12:55:00Z

value	0.00798
scoring_system	epss
scoring_elements	0.74404
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801955
reference_id	1801955
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801955

reference_url	https://security.archlinux.org/ASA-202002-9
reference_id	ASA-202002-9
reference_type
scores
url	https://security.archlinux.org/ASA-202002-9

reference_url

https://security.archlinux.org/AVG-1099

reference_id

AVG-1099

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1099

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_url	https://access.redhat.com/errata/RHSA-2020:0565
reference_id	RHSA-2020:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0565

reference_url	https://access.redhat.com/errata/RHSA-2020:0574
reference_id	RHSA-2020:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0574

reference_url	https://access.redhat.com/errata/RHSA-2020:0576
reference_id	RHSA-2020:0576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0576

reference_url	https://access.redhat.com/errata/RHSA-2020:0577
reference_id	RHSA-2020:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0577

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6793

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-68pj-1q11-6uf9

url VCID-715e-6v5x-u7en

vulnerability_id VCID-715e-6v5x-u7en

summary When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6792.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6792.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6792

reference_id

reference_type

scores

value	0.00953
scoring_system	epss
scoring_elements	0.76778
published_at	2026-06-08T12:55:00Z

value	0.00953
scoring_system	epss
scoring_elements	0.76798
published_at	2026-06-06T12:55:00Z

value	0.00953
scoring_system	epss
scoring_elements	0.76788
published_at	2026-06-07T12:55:00Z

value	0.00953
scoring_system	epss
scoring_elements	0.76759
published_at	2026-06-04T12:55:00Z

value	0.00953
scoring_system	epss
scoring_elements	0.76792
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801958
reference_id	1801958
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801958

reference_url	https://security.archlinux.org/ASA-202002-9
reference_id	ASA-202002-9
reference_type
scores
url	https://security.archlinux.org/ASA-202002-9

reference_url

https://security.archlinux.org/AVG-1099

reference_id

AVG-1099

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1099

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_url	https://access.redhat.com/errata/RHSA-2020:0565
reference_id	RHSA-2020:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0565

reference_url	https://access.redhat.com/errata/RHSA-2020:0574
reference_id	RHSA-2020:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0574

reference_url	https://access.redhat.com/errata/RHSA-2020:0576
reference_id	RHSA-2020:0576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0576

reference_url	https://access.redhat.com/errata/RHSA-2020:0577
reference_id	RHSA-2020:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0577

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6792

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-715e-6v5x-u7en

url VCID-kmzy-9ys1-9khy

vulnerability_id VCID-kmzy-9ys1-9khy

summary Mozilla developers and community members Raul Gurzau, Tyson Smith, Bob Clary, Liz Henry, and Christian Holler reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6800.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6800.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6800

reference_id

reference_type

scores

value	0.00949
scoring_system	epss
scoring_elements	0.7673
published_at	2026-06-08T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76714
published_at	2026-06-04T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76746
published_at	2026-06-05T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76752
published_at	2026-06-06T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76741
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801920
reference_id	1801920
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801920

reference_url	https://security.archlinux.org/ASA-202002-5
reference_id	ASA-202002-5
reference_type
scores
url	https://security.archlinux.org/ASA-202002-5

reference_url	https://security.archlinux.org/ASA-202002-9
reference_id	ASA-202002-9
reference_type
scores
url	https://security.archlinux.org/ASA-202002-9

reference_url

https://security.archlinux.org/AVG-1096

reference_id

AVG-1096

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1096

reference_url

https://security.archlinux.org/AVG-1099

reference_id

AVG-1099

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1099

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-05

reference_id

mfsa2020-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-06

reference_id

mfsa2020-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_url	https://access.redhat.com/errata/RHSA-2020:0512
reference_id	RHSA-2020:0512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0512

reference_url	https://access.redhat.com/errata/RHSA-2020:0519
reference_id	RHSA-2020:0519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0519

reference_url	https://access.redhat.com/errata/RHSA-2020:0520
reference_id	RHSA-2020:0520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0520

reference_url	https://access.redhat.com/errata/RHSA-2020:0521
reference_id	RHSA-2020:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0521

reference_url	https://access.redhat.com/errata/RHSA-2020:0565
reference_id	RHSA-2020:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0565

reference_url	https://access.redhat.com/errata/RHSA-2020:0574
reference_id	RHSA-2020:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0574

reference_url	https://access.redhat.com/errata/RHSA-2020:0576
reference_id	RHSA-2020:0576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0576

reference_url	https://access.redhat.com/errata/RHSA-2020:0577
reference_id	RHSA-2020:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0577

reference_url	https://usn.ubuntu.com/4278-1/
reference_id	USN-4278-1
reference_type
scores
url	https://usn.ubuntu.com/4278-1/

reference_url	https://usn.ubuntu.com/4278-2/
reference_id	USN-4278-2
reference_type
scores
url	https://usn.ubuntu.com/4278-2/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6800

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmzy-9ys1-9khy

url VCID-t8y9-a5nm-pbea

vulnerability_id VCID-t8y9-a5nm-pbea

summary If a <template> tag was used in a <select%gt; tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6798.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6798

reference_id

reference_type

scores

value	0.01279
scoring_system	epss
scoring_elements	0.79929
published_at	2026-06-08T12:55:00Z

value	0.01279
scoring_system	epss
scoring_elements	0.79913
published_at	2026-06-04T12:55:00Z

value	0.01279
scoring_system	epss
scoring_elements	0.79938
published_at	2026-06-05T12:55:00Z

value	0.01279
scoring_system	epss
scoring_elements	0.79943
published_at	2026-06-06T12:55:00Z

value	0.01279
scoring_system	epss
scoring_elements	0.79939
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801918
reference_id	1801918
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801918

reference_url	https://security.archlinux.org/ASA-202002-5
reference_id	ASA-202002-5
reference_type
scores
url	https://security.archlinux.org/ASA-202002-5

reference_url	https://security.archlinux.org/ASA-202002-9
reference_id	ASA-202002-9
reference_type
scores
url	https://security.archlinux.org/ASA-202002-9

reference_url

https://security.archlinux.org/AVG-1096

reference_id

AVG-1096

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1096

reference_url

https://security.archlinux.org/AVG-1099

reference_id

AVG-1099

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1099

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-05

reference_id

mfsa2020-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-06

reference_id

mfsa2020-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_url	https://access.redhat.com/errata/RHSA-2020:0512
reference_id	RHSA-2020:0512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0512

reference_url	https://access.redhat.com/errata/RHSA-2020:0519
reference_id	RHSA-2020:0519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0519

reference_url	https://access.redhat.com/errata/RHSA-2020:0520
reference_id	RHSA-2020:0520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0520

reference_url	https://access.redhat.com/errata/RHSA-2020:0521
reference_id	RHSA-2020:0521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0521

reference_url	https://access.redhat.com/errata/RHSA-2020:0565
reference_id	RHSA-2020:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0565

reference_url	https://access.redhat.com/errata/RHSA-2020:0574
reference_id	RHSA-2020:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0574

reference_url	https://access.redhat.com/errata/RHSA-2020:0576
reference_id	RHSA-2020:0576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0576

reference_url	https://access.redhat.com/errata/RHSA-2020:0577
reference_id	RHSA-2020:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0577

reference_url	https://usn.ubuntu.com/4278-1/
reference_id	USN-4278-1
reference_type
scores
url	https://usn.ubuntu.com/4278-1/

reference_url	https://usn.ubuntu.com/4278-2/
reference_id	USN-4278-2
reference_type
scores
url	https://usn.ubuntu.com/4278-2/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6798

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8y9-a5nm-pbea

url VCID-vev1-v424-93fp

vulnerability_id VCID-vev1-v424-93fp

summary If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6794.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6794.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6794

reference_id

reference_type

scores

value	0.00397
scoring_system	epss
scoring_elements	0.60877
published_at	2026-06-08T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60907
published_at	2026-06-06T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60895
published_at	2026-06-07T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.6085
published_at	2026-06-04T12:55:00Z

value	0.00397
scoring_system	epss
scoring_elements	0.60899
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801956
reference_id	1801956
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801956

reference_url	https://security.archlinux.org/ASA-202002-9
reference_id	ASA-202002-9
reference_type
scores
url	https://security.archlinux.org/ASA-202002-9

reference_url

https://security.archlinux.org/AVG-1099

reference_id

AVG-1099

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1099

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_url	https://access.redhat.com/errata/RHSA-2020:0565
reference_id	RHSA-2020:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0565

reference_url	https://access.redhat.com/errata/RHSA-2020:0574
reference_id	RHSA-2020:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0574

reference_url	https://access.redhat.com/errata/RHSA-2020:0576
reference_id	RHSA-2020:0576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0576

reference_url	https://access.redhat.com/errata/RHSA-2020:0577
reference_id	RHSA-2020:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0577

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6794

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vev1-v424-93fp

url VCID-z857-9upx-yqff

vulnerability_id VCID-z857-9upx-yqff

summary When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6795.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6795

reference_id

reference_type

scores

value	0.00684
scoring_system	epss
scoring_elements	0.72059
published_at	2026-06-08T12:55:00Z

value	0.00684
scoring_system	epss
scoring_elements	0.72095
published_at	2026-06-06T12:55:00Z

value	0.00684
scoring_system	epss
scoring_elements	0.72072
published_at	2026-06-07T12:55:00Z

value	0.00684
scoring_system	epss
scoring_elements	0.72047
published_at	2026-06-04T12:55:00Z

value	0.00684
scoring_system	epss
scoring_elements	0.72088
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1801957
reference_id	1801957
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1801957

reference_url	https://security.archlinux.org/ASA-202002-9
reference_id	ASA-202002-9
reference_type
scores
url	https://security.archlinux.org/ASA-202002-9

reference_url

https://security.archlinux.org/AVG-1099

reference_id

AVG-1099

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1099

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_id

mfsa2020-07

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-07

reference_url	https://access.redhat.com/errata/RHSA-2020:0565
reference_id	RHSA-2020:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0565

reference_url	https://access.redhat.com/errata/RHSA-2020:0574
reference_id	RHSA-2020:0574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0574

reference_url	https://access.redhat.com/errata/RHSA-2020:0576
reference_id	RHSA-2020:0576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0576

reference_url	https://access.redhat.com/errata/RHSA-2020:0577
reference_id	RHSA-2020:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0577

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/thunderbird@68.5.0-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2020-6795

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z857-9upx-yqff

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@68.5.0-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

Package Instance