Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2xtz-k8nq-n3hf
SummaryA malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution. *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*
Aliases
0
alias CVE-2020-6828
Fixed_packages
0
url pkg:deb/debian/firefox-esr@0?distro=trixie
purl pkg:deb/debian/firefox-esr@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie
1
url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3a6f-173h-fqbz
2
vulnerability VCID-3kv6-c148-nkhq
3
vulnerability VCID-4e49-6tg2-e7d9
4
vulnerability VCID-59d3-343b-e3aw
5
vulnerability VCID-5dw5-vpt8-zqbz
6
vulnerability VCID-61r1-arbe-dke4
7
vulnerability VCID-7jt2-zr49-7ye5
8
vulnerability VCID-95et-ezmb-buau
9
vulnerability VCID-9ag7-z86d-nba9
10
vulnerability VCID-9nbw-7c9e-13af
11
vulnerability VCID-av7u-3g4m-mugm
12
vulnerability VCID-bwth-uepr-z7a3
13
vulnerability VCID-cjsm-7gxr-8ygw
14
vulnerability VCID-d16s-p141-qbft
15
vulnerability VCID-fxjm-ywug-f3d5
16
vulnerability VCID-hk2m-rbdy-nqhc
17
vulnerability VCID-ma29-qa7e-9qb4
18
vulnerability VCID-nge1-4cvg-zqb2
19
vulnerability VCID-nyum-jpbc-abew
20
vulnerability VCID-p6yz-xs58-u3gm
21
vulnerability VCID-pfmd-zv8f-8bfc
22
vulnerability VCID-pszh-x9gd-xyg4
23
vulnerability VCID-q689-wneh-hbdq
24
vulnerability VCID-q8qp-5szp-mfe8
25
vulnerability VCID-qbzp-euvv-q7c7
26
vulnerability VCID-ruqn-mk9t-57hb
27
vulnerability VCID-tv7r-qf2c-dqbm
28
vulnerability VCID-ufku-v5vq-4yef
29
vulnerability VCID-w98r-yagc-kkec
30
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie
purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie
5
url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-f81v-9fv8-93cd
12
vulnerability VCID-fxjm-ywug-f3d5
13
vulnerability VCID-hk2m-rbdy-nqhc
14
vulnerability VCID-ma29-qa7e-9qb4
15
vulnerability VCID-nge1-4cvg-zqb2
16
vulnerability VCID-nyum-jpbc-abew
17
vulnerability VCID-p6yz-xs58-u3gm
18
vulnerability VCID-pfmd-zv8f-8bfc
19
vulnerability VCID-q689-wneh-hbdq
20
vulnerability VCID-q8qp-5szp-mfe8
21
vulnerability VCID-ruqn-mk9t-57hb
22
vulnerability VCID-tv7r-qf2c-dqbm
23
vulnerability VCID-w98r-yagc-kkec
24
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie
6
url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1y9d-wx59-fyh2
1
vulnerability VCID-9uk1-zvat-5qc9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-ndwm-svz7-5uen
4
vulnerability VCID-zkbj-717t-j3hw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie
7
url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie
8
url pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f81v-9fv8-93cd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie
9
url pkg:mozilla/Firefox%20ESR@68.7.0
purl pkg:mozilla/Firefox%20ESR@68.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@68.7.0
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6828.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6828.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6828
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.57724
published_at 2026-04-01T12:55:00Z
1
value 0.00355
scoring_system epss
scoring_elements 0.57755
published_at 2026-05-05T12:55:00Z
2
value 0.00355
scoring_system epss
scoring_elements 0.57816
published_at 2026-04-26T12:55:00Z
3
value 0.00355
scoring_system epss
scoring_elements 0.57798
published_at 2026-05-07T12:55:00Z
4
value 0.00355
scoring_system epss
scoring_elements 0.57808
published_at 2026-04-02T12:55:00Z
5
value 0.00355
scoring_system epss
scoring_elements 0.57828
published_at 2026-04-04T12:55:00Z
6
value 0.00355
scoring_system epss
scoring_elements 0.57803
published_at 2026-04-07T12:55:00Z
7
value 0.00355
scoring_system epss
scoring_elements 0.57858
published_at 2026-04-08T12:55:00Z
8
value 0.00355
scoring_system epss
scoring_elements 0.57859
published_at 2026-04-09T12:55:00Z
9
value 0.00355
scoring_system epss
scoring_elements 0.57876
published_at 2026-04-11T12:55:00Z
10
value 0.00355
scoring_system epss
scoring_elements 0.57854
published_at 2026-04-12T12:55:00Z
11
value 0.00355
scoring_system epss
scoring_elements 0.57833
published_at 2026-04-13T12:55:00Z
12
value 0.00355
scoring_system epss
scoring_elements 0.57862
published_at 2026-04-16T12:55:00Z
13
value 0.00355
scoring_system epss
scoring_elements 0.57861
published_at 2026-04-18T12:55:00Z
14
value 0.00355
scoring_system epss
scoring_elements 0.57838
published_at 2026-04-21T12:55:00Z
15
value 0.00355
scoring_system epss
scoring_elements 0.57796
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6828
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1821967
reference_id 1821967
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1821967
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-13
reference_id mfsa2020-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-13
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 642
name External Control of Critical State Data
description The product stores security-critical state information about its users, or the product itself, in a location that is accessible to unauthorized actors.
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2xtz-k8nq-n3hf