Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.49%
65.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | asyncssh | 0 |
| n/a | n/a | n/a |
| asyncssh_project | asyncssh | 0 |
Timeline
- Nov 9, 2023 CVE Published
- Nov 14, 2023 EPSS Score
- Dec 14, 2023 EPSS Score
- Jan 12, 2024 EPSS Score
- Feb 11, 2024 EPSS Score
- Mar 12, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- May 10, 2024 EPSS Score
- Jun 9, 2024 EPSS Score
- Aug 7, 2024 EPSS Score
- Sep 6, 2024 EPSS Score
- Oct 6, 2024 EPSS Score
References
- https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm url
- FEDORA-2023-d2956318e4 vendor-advisory
- https://www.terrapin-attack.com url
- https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst url
- https://github.com/advisories/GHSA-c35q-ffpf-5qpm url
- http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html url
- https://security.netapp.com/advisory/ntap-20231222-0001/ url
- https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html url
- https://nvd.nist.gov/vuln/detail/CVE-2023-46446 advisory
- https://github.com/ronf/asyncssh/commit/83e43f5ea3470a8617fc388c72b062c7136efd7e url
- https://github.com/pypa/advisory-database/tree/main/vulns/asyncssh/PYSEC-2023-239.yaml url
- https://github.com/ronf/asyncssh package
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE url
- https://security.netapp.com/advisory/ntap-20231222-0001 url