Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/413851?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "type": "apk", "namespace": "alpine", "name": "firefox", "version": "75.0-r0", "qualifiers": { "arch": "ppc64le", "distroversion": "v3.16", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "76.0-r0", "latest_non_vulnerable_version": "101.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1139?format=api", "vulnerability_id": "VCID-hksn-n7sc-6fg6", "summary": "Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6826.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6826.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6826", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65546", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65548", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65537", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65526", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65486", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65538", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6826" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821696", "reference_id": "1821696", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821696" }, { "reference_url": "https://security.archlinux.org/ASA-202004-8", "reference_id": "ASA-202004-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-8" }, { "reference_url": "https://security.archlinux.org/AVG-1127", "reference_id": "AVG-1127", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1127" }, { "reference_url": "https://security.gentoo.org/glsa/202004-11", "reference_id": "GLSA-202004-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12", "reference_id": "mfsa2020-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12" }, { "reference_url": "https://usn.ubuntu.com/4323-1/", "reference_id": "USN-4323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4323-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-6826" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hksn-n7sc-6fg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1138?format=api", "vulnerability_id": "VCID-hkv8-5j39-e7gx", "summary": "Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6825.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6825.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6825", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.7235", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72325", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72353", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72311", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72359", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72339", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6825" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821682", "reference_id": "1821682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821682" }, { "reference_url": "https://security.archlinux.org/ASA-202004-8", "reference_id": "ASA-202004-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-8" }, { "reference_url": "https://security.archlinux.org/AVG-1127", "reference_id": "AVG-1127", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1127" }, { "reference_url": "https://security.gentoo.org/glsa/202004-11", "reference_id": "GLSA-202004-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12", "reference_id": "mfsa2020-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13", "reference_id": "mfsa2020-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-14", "reference_id": "mfsa2020-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1404", "reference_id": "RHSA-2020:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1406", "reference_id": "RHSA-2020:1406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1420", "reference_id": "RHSA-2020:1420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1429", "reference_id": "RHSA-2020:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1488", "reference_id": "RHSA-2020:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1489", "reference_id": "RHSA-2020:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1495", "reference_id": "RHSA-2020:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1496", "reference_id": "RHSA-2020:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1496" }, { "reference_url": "https://usn.ubuntu.com/4323-1/", "reference_id": "USN-4323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4323-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-6825" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkv8-5j39-e7gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1136?format=api", "vulnerability_id": "VCID-rafr-bvaq-b7en", "summary": "A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6823.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6823.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00594", "scoring_system": "epss", "scoring_elements": "0.69725", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00594", "scoring_system": "epss", "scoring_elements": "0.69724", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00594", "scoring_system": "epss", "scoring_elements": "0.69714", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00594", "scoring_system": "epss", "scoring_elements": "0.69703", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00594", "scoring_system": "epss", "scoring_elements": "0.69676", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00594", "scoring_system": "epss", "scoring_elements": "0.69716", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6823" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821693", "reference_id": "1821693", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821693" }, { "reference_url": "https://security.archlinux.org/ASA-202004-8", "reference_id": "ASA-202004-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-8" }, { "reference_url": "https://security.archlinux.org/AVG-1127", "reference_id": "AVG-1127", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1127" }, { "reference_url": "https://security.gentoo.org/glsa/202004-11", "reference_id": "GLSA-202004-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12", "reference_id": "mfsa2020-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12" }, { "reference_url": "https://usn.ubuntu.com/4323-1/", "reference_id": "USN-4323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4323-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-6823" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rafr-bvaq-b7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1134?format=api", "vulnerability_id": "VCID-ushh-jwj4-yfcj", "summary": "When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6821.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6821.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6821", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67918", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67879", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67919", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67925", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67915", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67902", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821674", "reference_id": "1821674", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821674" }, { "reference_url": "https://security.archlinux.org/ASA-202004-12", "reference_id": "ASA-202004-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-12" }, { "reference_url": "https://security.archlinux.org/ASA-202004-8", "reference_id": "ASA-202004-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-8" }, { "reference_url": "https://security.archlinux.org/AVG-1127", "reference_id": "AVG-1127", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1127" }, { "reference_url": "https://security.archlinux.org/AVG-1132", "reference_id": "AVG-1132", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1132" }, { "reference_url": "https://security.gentoo.org/glsa/202004-11", "reference_id": "GLSA-202004-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12", "reference_id": "mfsa2020-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13", "reference_id": "mfsa2020-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-14", "reference_id": "mfsa2020-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1404", "reference_id": "RHSA-2020:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1406", "reference_id": "RHSA-2020:1406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1420", "reference_id": "RHSA-2020:1420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1429", "reference_id": "RHSA-2020:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1488", "reference_id": "RHSA-2020:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1489", "reference_id": "RHSA-2020:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1495", "reference_id": "RHSA-2020:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1496", "reference_id": "RHSA-2020:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1496" }, { "reference_url": "https://usn.ubuntu.com/4323-1/", "reference_id": "USN-4323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4323-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-6821" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ushh-jwj4-yfcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1137?format=api", "vulnerability_id": "VCID-wmhy-8wxa-s7f3", "summary": "Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26704", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2679", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2675", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26695", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26696", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26799", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821695", "reference_id": "1821695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821695" }, { "reference_url": "https://security.archlinux.org/ASA-202004-8", "reference_id": "ASA-202004-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-8" }, { "reference_url": "https://security.archlinux.org/AVG-1127", "reference_id": "AVG-1127", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1127" }, { "reference_url": "https://security.gentoo.org/glsa/202004-11", "reference_id": "GLSA-202004-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12", "reference_id": "mfsa2020-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12" }, { "reference_url": "https://usn.ubuntu.com/4323-1/", "reference_id": "USN-4323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4323-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-6824" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wmhy-8wxa-s7f3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1135?format=api", "vulnerability_id": "VCID-xz2e-xc8d-b7d2", "summary": "On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6822.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6822.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6822", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74642", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74617", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74646", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74609", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74634", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.7464", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821676", "reference_id": "1821676", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821676" }, { "reference_url": "https://security.gentoo.org/glsa/202004-11", "reference_id": "GLSA-202004-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12", "reference_id": "mfsa2020-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13", "reference_id": "mfsa2020-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-14", "reference_id": "mfsa2020-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1404", "reference_id": "RHSA-2020:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1406", "reference_id": "RHSA-2020:1406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1420", "reference_id": "RHSA-2020:1420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1429", "reference_id": "RHSA-2020:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1488", "reference_id": "RHSA-2020:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1489", "reference_id": "RHSA-2020:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1495", "reference_id": "RHSA-2020:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1496", "reference_id": "RHSA-2020:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1496" }, { "reference_url": "https://usn.ubuntu.com/4323-1/", "reference_id": "USN-4323-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4323-1/" }, { "reference_url": "https://usn.ubuntu.com/4328-1/", "reference_id": "USN-4328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4328-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/413851?format=api", "purl": "pkg:apk/alpine/firefox@75.0-r0?arch=ppc64le&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-6822" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xz2e-xc8d-b7d2" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@75.0-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community" }