VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2020-12392
cvssv2	2.1	https://nvd.nist.gov/vuln/detail/CVE-2020-12392
cvssv3.1	5.5	https://nvd.nist.gov/vuln/detail/CVE-2020-12392
archlinux	Critical	https://security.archlinux.org/AVG-1148
archlinux	Critical	https://security.archlinux.org/AVG-1155
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

System

Score

Found at

cvssv3

6.1

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

epss

0.00151

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

cvssv2

2.1

https://nvd.nist.gov/vuln/detail/CVE-2020-12392

cvssv3.1

5.5

https://nvd.nist.gov/vuln/detail/CVE-2020-12392

archlinux

Critical

https://security.archlinux.org/AVG-1148

archlinux

Critical

https://security.archlinux.org/AVG-1155

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json
		https://api.first.org/data/v1/epss?cve=CVE-2020-12392
		https://bugzilla.mozilla.org/show_bug.cgi?id=1614468
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
		https://security.gentoo.org/glsa/202005-03
		https://security.gentoo.org/glsa/202005-04
		https://www.mozilla.org/security/advisories/mfsa2020-16/
		https://www.mozilla.org/security/advisories/mfsa2020-17/
		https://www.mozilla.org/security/advisories/mfsa2020-18/
1831764		https://bugzilla.redhat.com/show_bug.cgi?id=1831764
ASA-202005-3		https://security.archlinux.org/ASA-202005-3
ASA-202005-7		https://security.archlinux.org/ASA-202005-7
AVG-1148		https://security.archlinux.org/AVG-1148
AVG-1155		https://security.archlinux.org/AVG-1155
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
CVE-2020-12392		https://nvd.nist.gov/vuln/detail/CVE-2020-12392
mfsa2020-16		https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
mfsa2020-17		https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
mfsa2020-18		https://www.mozilla.org/en-US/security/advisories/mfsa2020-18
RHSA-2020:2031		https://access.redhat.com/errata/RHSA-2020:2031
RHSA-2020:2032		https://access.redhat.com/errata/RHSA-2020:2032
RHSA-2020:2033		https://access.redhat.com/errata/RHSA-2020:2033
RHSA-2020:2036		https://access.redhat.com/errata/RHSA-2020:2036
RHSA-2020:2037		https://access.redhat.com/errata/RHSA-2020:2037
RHSA-2020:2046		https://access.redhat.com/errata/RHSA-2020:2046
RHSA-2020:2047		https://access.redhat.com/errata/RHSA-2020:2047
RHSA-2020:2048		https://access.redhat.com/errata/RHSA-2020:2048
RHSA-2020:2049		https://access.redhat.com/errata/RHSA-2020:2049
RHSA-2020:2050		https://access.redhat.com/errata/RHSA-2020:2050
USN-4353-1		https://usn.ubuntu.com/4353-1/
USN-4373-1		https://usn.ubuntu.com/4373-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json

https://api.first.org/data/v1/epss?cve=CVE-2020-12392

https://bugzilla.mozilla.org/show_bug.cgi?id=1614468

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831

https://security.gentoo.org/glsa/202005-03

https://security.gentoo.org/glsa/202005-04

https://www.mozilla.org/security/advisories/mfsa2020-16/

https://www.mozilla.org/security/advisories/mfsa2020-17/

https://www.mozilla.org/security/advisories/mfsa2020-18/

1831764

https://bugzilla.redhat.com/show_bug.cgi?id=1831764

ASA-202005-3

https://security.archlinux.org/ASA-202005-3

ASA-202005-7

https://security.archlinux.org/ASA-202005-7

AVG-1148

https://security.archlinux.org/AVG-1148

AVG-1155

https://security.archlinux.org/AVG-1155

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

CVE-2020-12392

https://nvd.nist.gov/vuln/detail/CVE-2020-12392

mfsa2020-16

https://www.mozilla.org/en-US/security/advisories/mfsa2020-16

mfsa2020-17

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17

mfsa2020-18

https://www.mozilla.org/en-US/security/advisories/mfsa2020-18

RHSA-2020:2031

https://access.redhat.com/errata/RHSA-2020:2031

RHSA-2020:2032

https://access.redhat.com/errata/RHSA-2020:2032

RHSA-2020:2033

https://access.redhat.com/errata/RHSA-2020:2033

RHSA-2020:2036

https://access.redhat.com/errata/RHSA-2020:2036

RHSA-2020:2037

https://access.redhat.com/errata/RHSA-2020:2037

RHSA-2020:2046

https://access.redhat.com/errata/RHSA-2020:2046

RHSA-2020:2047

https://access.redhat.com/errata/RHSA-2020:2047

RHSA-2020:2048

https://access.redhat.com/errata/RHSA-2020:2048

RHSA-2020:2049

https://access.redhat.com/errata/RHSA-2020:2049

RHSA-2020:2050

https://access.redhat.com/errata/RHSA-2020:2050

USN-4353-1

https://usn.ubuntu.com/4353-1/

USN-4373-1

https://usn.ubuntu.com/4373-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:39.505262+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2020/mfsa2020-18.yml	37.0.0

2025-07-31T08:09:39.505262+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2020/mfsa2020-18.yml

37.0.0

Vulnerability ID	VCID-58g6-ydgs-yyck
Aliases	CVE-2020-12392
Summary	The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

CWE-552	Files or Directories Accessible to External Parties
CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Percentile	0.3656
EPSS Score	0.00151
Published At	July 30, 2025, 12:55 p.m.