Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-4nrz-wm5t-z3g5
Vulnerability ID VCID-4nrz-wm5t-z3g5
Aliases CVE-2020-8625
Summary bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
cvssv3 8.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
epss 0.26304 https://api.first.org/data/v1/epss?cve=CVE-2020-8625
cvssv3.1 8.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux High https://security.archlinux.org/AVG-1589
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json
https://api.first.org/data/v1/epss?cve=CVE-2020-8625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1928486 https://bugzilla.redhat.com/show_bug.cgi?id=1928486
983004 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004
ASA-202102-40 https://security.archlinux.org/ASA-202102-40
AVG-1589 https://security.archlinux.org/AVG-1589
RHSA-2021:0669 https://access.redhat.com/errata/RHSA-2021:0669
RHSA-2021:0670 https://access.redhat.com/errata/RHSA-2021:0670
RHSA-2021:0671 https://access.redhat.com/errata/RHSA-2021:0671
RHSA-2021:0672 https://access.redhat.com/errata/RHSA-2021:0672
RHSA-2021:0691 https://access.redhat.com/errata/RHSA-2021:0691
RHSA-2021:0692 https://access.redhat.com/errata/RHSA-2021:0692
RHSA-2021:0693 https://access.redhat.com/errata/RHSA-2021:0693
RHSA-2021:0694 https://access.redhat.com/errata/RHSA-2021:0694
RHSA-2021:0727 https://access.redhat.com/errata/RHSA-2021:0727
RHSA-2021:0922 https://access.redhat.com/errata/RHSA-2021:0922
USN-4737-1 https://usn.ubuntu.com/4737-1/
USN-4737-2 https://usn.ubuntu.com/4737-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.96269
EPSS Score 0.26304
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:03:08.169506+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json 38.0.0