216.73.217.80

CVE-2020-37085

· Published 03/02/2026 22:16 · Modified 04/02/2026 16:33

Labels: CVE-2020-37085 2026-02-03CVE-2020-37085CWE-770[email protected]

Essential information

Published
03/02/2026 22:16
Modified
04/02/2026 16:33
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

VirtualTablet Server 3.0.2 contains a denial of service vulnerability that allows attackers to crash the service by sending oversized string payloads through the Thrift protocol. Attackers can exploit the vulnerability by sending a long string to the send_say() method, causing the server to become unresponsive.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
virtualtablet / virtualtablet server cpe:2.3:a:virtualtablet:virtualtablet_server:3.0.2:*:*:*:*:*:*:*

References