{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T04:32:33.992","vulnerabilities":[{"cve":{"id":"CVE-2020-15650","sourceIdentifier":"security@mozilla.org","published":"2020-08-10T18:15:12.187","lastModified":"2024-11-21T05:05:56.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11."},{"lang":"es","value":"Dada una aplicación de selección de archivos maliciosa instalada, un atacante fue capaz de sobrescribir archivos locales y, por lo tanto, sobrescribir la configuración de Firefox (pero sin acceder al perfil anterior). * Nota: este problema solo afectó a Firefox para Android. Otros sistemas operativos no están afectados. *. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 68.11"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"68.11","matchCriteriaId":"A0267D9C-02C0-4057-AFBC-C14B11792AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1652360","source":"security@mozilla.org","tags":["Issue Tracking"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-31/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1652360","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-31/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}