Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-huqt-1fv6-67cz
Vulnerability ID VCID-huqt-1fv6-67cz
Aliases CVE-2020-35652
Summary An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is received that contains a tel-uri in the Diversion header.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2020-35652
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2020-35652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35652
979372 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979372
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.30039
EPSS Score 0.00114
Published At April 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T16:34:23.549854+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.0.0