{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","type":"apk","namespace":"alpine","name":"librewolf","version":"75.0-r0","qualifiers":{"arch":"x86","distroversion":"v3.21","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"76.0-r0","latest_non_vulnerable_version":"103.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1139?format=json","vulnerability_id":"VCID-hksn-n7sc-6fg6","summary":"Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6826.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6826.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6826","reference_id":"","reference_type":"","scores":[{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65546","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65548","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65537","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65526","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65486","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65538","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6826"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821696","reference_id":"1821696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821696"},{"reference_url":"https://security.archlinux.org/ASA-202004-8","reference_id":"ASA-202004-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-8"},{"reference_url":"https://security.archlinux.org/AVG-1127","reference_id":"AVG-1127","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1127"},{"reference_url":"https://security.gentoo.org/glsa/202004-11","reference_id":"GLSA-202004-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12","reference_id":"mfsa2020-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12"},{"reference_url":"https://usn.ubuntu.com/4323-1/","reference_id":"USN-4323-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4323-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2020-6826"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hksn-n7sc-6fg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1138?format=json","vulnerability_id":"VCID-hkv8-5j39-e7gx","summary":"Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6825.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6825.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6825","reference_id":"","reference_type":"","scores":[{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.7235","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72325","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72353","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72311","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72359","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00696","scoring_system":"epss","scoring_elements":"0.72339","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6825"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821682","reference_id":"1821682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821682"},{"reference_url":"https://security.archlinux.org/ASA-202004-8","reference_id":"ASA-202004-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-8"},{"reference_url":"https://security.archlinux.org/AVG-1127","reference_id":"AVG-1127","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1127"},{"reference_url":"https://security.gentoo.org/glsa/202004-11","reference_id":"GLSA-202004-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12","reference_id":"mfsa2020-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13","reference_id":"mfsa2020-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-14","reference_id":"mfsa2020-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1404","reference_id":"RHSA-2020:1404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1406","reference_id":"RHSA-2020:1406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1420","reference_id":"RHSA-2020:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1429","reference_id":"RHSA-2020:1429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1488","reference_id":"RHSA-2020:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1489","reference_id":"RHSA-2020:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1495","reference_id":"RHSA-2020:1495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1496","reference_id":"RHSA-2020:1496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1496"},{"reference_url":"https://usn.ubuntu.com/4323-1/","reference_id":"USN-4323-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4323-1/"},{"reference_url":"https://usn.ubuntu.com/4328-1/","reference_id":"USN-4328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4328-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2020-6825"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkv8-5j39-e7gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1136?format=json","vulnerability_id":"VCID-rafr-bvaq-b7en","summary":"A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6823.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6823.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6823","reference_id":"","reference_type":"","scores":[{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69725","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69724","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69714","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69703","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69676","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6823"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821693","reference_id":"1821693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821693"},{"reference_url":"https://security.archlinux.org/ASA-202004-8","reference_id":"ASA-202004-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-8"},{"reference_url":"https://security.archlinux.org/AVG-1127","reference_id":"AVG-1127","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1127"},{"reference_url":"https://security.gentoo.org/glsa/202004-11","reference_id":"GLSA-202004-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12","reference_id":"mfsa2020-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12"},{"reference_url":"https://usn.ubuntu.com/4323-1/","reference_id":"USN-4323-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4323-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2020-6823"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rafr-bvaq-b7en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1134?format=json","vulnerability_id":"VCID-ushh-jwj4-yfcj","summary":"When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6821.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6821","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67918","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67879","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67919","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67925","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67915","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67902","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821674","reference_id":"1821674","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821674"},{"reference_url":"https://security.archlinux.org/ASA-202004-12","reference_id":"ASA-202004-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-12"},{"reference_url":"https://security.archlinux.org/ASA-202004-8","reference_id":"ASA-202004-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-8"},{"reference_url":"https://security.archlinux.org/AVG-1127","reference_id":"AVG-1127","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1127"},{"reference_url":"https://security.archlinux.org/AVG-1132","reference_id":"AVG-1132","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1132"},{"reference_url":"https://security.gentoo.org/glsa/202004-11","reference_id":"GLSA-202004-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12","reference_id":"mfsa2020-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13","reference_id":"mfsa2020-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-14","reference_id":"mfsa2020-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1404","reference_id":"RHSA-2020:1404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1406","reference_id":"RHSA-2020:1406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1420","reference_id":"RHSA-2020:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1429","reference_id":"RHSA-2020:1429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1488","reference_id":"RHSA-2020:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1489","reference_id":"RHSA-2020:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1495","reference_id":"RHSA-2020:1495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1496","reference_id":"RHSA-2020:1496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1496"},{"reference_url":"https://usn.ubuntu.com/4323-1/","reference_id":"USN-4323-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4323-1/"},{"reference_url":"https://usn.ubuntu.com/4328-1/","reference_id":"USN-4328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4328-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2020-6821"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ushh-jwj4-yfcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1137?format=json","vulnerability_id":"VCID-wmhy-8wxa-s7f3","summary":"Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6824.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6824","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26704","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2679","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2675","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26695","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26696","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26799","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821695","reference_id":"1821695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821695"},{"reference_url":"https://security.archlinux.org/ASA-202004-8","reference_id":"ASA-202004-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-8"},{"reference_url":"https://security.archlinux.org/AVG-1127","reference_id":"AVG-1127","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1127"},{"reference_url":"https://security.gentoo.org/glsa/202004-11","reference_id":"GLSA-202004-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12","reference_id":"mfsa2020-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12"},{"reference_url":"https://usn.ubuntu.com/4323-1/","reference_id":"USN-4323-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4323-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2020-6824"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmhy-8wxa-s7f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1135?format=json","vulnerability_id":"VCID-xz2e-xc8d-b7d2","summary":"On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6822.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6822.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6822","reference_id":"","reference_type":"","scores":[{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74642","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74617","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74646","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74609","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74634","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.7464","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6825"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821676","reference_id":"1821676","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821676"},{"reference_url":"https://security.gentoo.org/glsa/202004-11","reference_id":"GLSA-202004-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12","reference_id":"mfsa2020-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-12"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13","reference_id":"mfsa2020-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-14","reference_id":"mfsa2020-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1404","reference_id":"RHSA-2020:1404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1406","reference_id":"RHSA-2020:1406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1420","reference_id":"RHSA-2020:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1429","reference_id":"RHSA-2020:1429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1488","reference_id":"RHSA-2020:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1489","reference_id":"RHSA-2020:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1495","reference_id":"RHSA-2020:1495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1496","reference_id":"RHSA-2020:1496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1496"},{"reference_url":"https://usn.ubuntu.com/4323-1/","reference_id":"USN-4323-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4323-1/"},{"reference_url":"https://usn.ubuntu.com/4328-1/","reference_id":"USN-4328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4328-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/439175?format=json","purl":"pkg:apk/alpine/librewolf@75.0-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2020-6822"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xz2e-xc8d-b7d2"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@75.0-r0%3Farch=x86&distroversion=v3.21&reponame=community"}