Tag
cve-2023-48795
Safeguard articles tagged "cve-2023-48795" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
Terrapin Attack (CVE-2023-48795) Explained: SSH's Prefix Truncation Flaw
CVE-2023-48795, the Terrapin attack, is a protocol-level flaw letting a MITM silently truncate the start of an SSH session. Here is how it works, what it downgrades, and how to fix it.
Jul 8, 20267 min read
Vulnerability Analysis
Terrapin SSH protocol downgrade attack explained
Terrapin (CVE-2023-48795) lets an on-path attacker silently strip packets from SSH handshakes. Here's how the downgrade works and how to check exposure.
May 5, 20266 min read
Vulnerability Analysis
CVE-2023-48795: Terrapin attack affecting paramiko SSH ex...
The Terrapin attack (CVE-2023-48795) lets on-path attackers truncate SSH extension negotiation, downgrading security in paramiko and other SSH implementations.
Oct 2, 20258 min read