Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-um87-6yps-cbfk
Vulnerability ID VCID-um87-6yps-cbfk
Aliases CVE-2020-10188
Summary telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
Status Published
Exploitability 0.5
Weighted Severity 8.8
Risk 4.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
cvssv3 9.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json
epss 0.08404 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.08404 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.08404 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.08404 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.08404 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.08404 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.09578 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
epss 0.09578 https://api.first.org/data/v1/epss?cve=CVE-2020-10188
cvssv3.1 8.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux High https://security.archlinux.org/AVG-1003
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json
https://api.first.org/data/v1/epss?cve=CVE-2020-10188
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1811673 https://bugzilla.redhat.com/show_bug.cgi?id=1811673
953477 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477
953478 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478
956084 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084
ASA-202106-20 https://security.archlinux.org/ASA-202106-20
AVG-1003 https://security.archlinux.org/AVG-1003
RHSA-2020:1318 https://access.redhat.com/errata/RHSA-2020:1318
RHSA-2020:1334 https://access.redhat.com/errata/RHSA-2020:1334
RHSA-2020:1335 https://access.redhat.com/errata/RHSA-2020:1335
RHSA-2020:1342 https://access.redhat.com/errata/RHSA-2020:1342
RHSA-2020:1349 https://access.redhat.com/errata/RHSA-2020:1349
RHSA-2022:0011 https://access.redhat.com/errata/RHSA-2022:0011
RHSA-2022:0158 https://access.redhat.com/errata/RHSA-2022:0158
USN-5048-1 https://usn.ubuntu.com/5048-1/
USN-7781-1 https://usn.ubuntu.com/7781-1/
USN-USN-5048-2 https://usn.ubuntu.com/USN-5048-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.9229
EPSS Score 0.08404
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:12:01.301414+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json 38.0.0