Search for vulnerabilities
Vulnerability details: VCID-nx9u-49dk-aaag
Vulnerability ID VCID-nx9u-49dk-aaag
Aliases CVE-2020-1971
VC-OPENSSL-20201208-CVE-2020-1971
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-476 NULL Pointer Dereference
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual High http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1971.html
rhas Important https://access.redhat.com/errata/RHSA-2020:5422
rhas Important https://access.redhat.com/errata/RHSA-2020:5476
rhas Important https://access.redhat.com/errata/RHSA-2020:5566
rhas Important https://access.redhat.com/errata/RHSA-2020:5588
rhas Important https://access.redhat.com/errata/RHSA-2020:5623
rhas Important https://access.redhat.com/errata/RHSA-2020:5637
rhas Important https://access.redhat.com/errata/RHSA-2020:5639
rhas Important https://access.redhat.com/errata/RHSA-2020:5640
rhas Important https://access.redhat.com/errata/RHSA-2020:5641
rhas Important https://access.redhat.com/errata/RHSA-2020:5642
rhas Important https://access.redhat.com/errata/RHSA-2021:0056
rhas Low https://access.redhat.com/errata/RHSA-2021:0486
rhas Low https://access.redhat.com/errata/RHSA-2021:0488
rhas Low https://access.redhat.com/errata/RHSA-2021:0489
rhas Low https://access.redhat.com/errata/RHSA-2021:0491
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0494
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0495
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1971.json
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00264 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00271 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00271 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.00437 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.01196 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.01354 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.01354 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.01354 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
epss 0.01354 https://api.first.org/data/v1/epss?cve=CVE-2020-1971
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1903409
generic_textual High https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux High https://security.archlinux.org/AVG-1335
archlinux High https://security.archlinux.org/AVG-1404
generic_textual High https://ubuntu.com/security/notices/USN-4662-1
generic_textual Medium https://ubuntu.com/security/notices/USN-4745-1
generic_textual High https://www.openssl.org/news/secadv/20201208.txt
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1971.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1971.json
https://api.first.org/data/v1/epss?cve=CVE-2020-1971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/openssl/openssl/commit/2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e
https://github.com/openssl/openssl/commit/f960d81215ebf3f65e03d4d5d857fb9b666d6920
https://ubuntu.com/security/notices/USN-4662-1
https://ubuntu.com/security/notices/USN-4745-1
https://www.openssl.org/news/secadv/20201208.txt
1903409 https://bugzilla.redhat.com/show_bug.cgi?id=1903409
ASA-202012-24 https://security.archlinux.org/ASA-202012-24
AVG-1335 https://security.archlinux.org/AVG-1335
AVG-1404 https://security.archlinux.org/AVG-1404
CVE-2020-1971 https://nvd.nist.gov/vuln/detail/CVE-2020-1971
GLSA-202012-13 https://security.gentoo.org/glsa/202012-13
RHSA-2020:5422 https://access.redhat.com/errata/RHSA-2020:5422
RHSA-2020:5476 https://access.redhat.com/errata/RHSA-2020:5476
RHSA-2020:5566 https://access.redhat.com/errata/RHSA-2020:5566
RHSA-2020:5588 https://access.redhat.com/errata/RHSA-2020:5588
RHSA-2020:5623 https://access.redhat.com/errata/RHSA-2020:5623
RHSA-2020:5637 https://access.redhat.com/errata/RHSA-2020:5637
RHSA-2020:5639 https://access.redhat.com/errata/RHSA-2020:5639
RHSA-2020:5640 https://access.redhat.com/errata/RHSA-2020:5640
RHSA-2020:5641 https://access.redhat.com/errata/RHSA-2020:5641
RHSA-2020:5642 https://access.redhat.com/errata/RHSA-2020:5642
RHSA-2021:0056 https://access.redhat.com/errata/RHSA-2021:0056
RHSA-2021:0486 https://access.redhat.com/errata/RHSA-2021:0486
RHSA-2021:0488 https://access.redhat.com/errata/RHSA-2021:0488
RHSA-2021:0489 https://access.redhat.com/errata/RHSA-2021:0489
RHSA-2021:0491 https://access.redhat.com/errata/RHSA-2021:0491
RHSA-2021:0494 https://access.redhat.com/errata/RHSA-2021:0494
RHSA-2021:0495 https://access.redhat.com/errata/RHSA-2021:0495
RHSA-2021:0949 https://access.redhat.com/errata/RHSA-2021:0949
USN-4662-1 https://usn.ubuntu.com/4662-1/
USN-4745-1 https://usn.ubuntu.com/4745-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1971.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.46984
EPSS Score 0.00264
Published At April 14, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.