MGASA-2026-0182 Updated ruby-net-ssh packages fix security vulnerabilities

This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...

Updated ruby-net-ssh packages fix security vulnerabilities

This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...

Exploit for Improper Validation of Integrity Check Value in Openbsd Openssh

terrapincheck.py A lightweight Python scanner for CVE-2023...

RHCOS 4 : OpenShift Container Platform 4.14.30 (RHSA-2024:3918)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3918 advisory. - ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 Note that Nessus has not tested for this issue but has instead...

MGASA-2026-0066 Updated trilead-ssh2 packages fix security vulnerabilities

CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack...

SUSE CVE-2026-33022

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability in that allows any user who can create a TaskRun or...

CVE-2026-33022

A denial of service flaw was found in Tekton Pipelines. Any user who can create a TaskRun or PipelineRun to crash the controller cluster-wide by setting .spec.taskRef.resolver or .spec.pipelineRef.resolver to a string of 31+ characters. The crash occurs because GenerateDeterministicNameFromSpec...

Exploit for Improper Validation of Integrity Check Value in Openbsd Openssh

Terrapin Attack - Manual Exploitation Lab CVE-2023-48795...

MiracleLinux 8 : openssh-8.0p1-19.el8_9.2 (AXSA:2024-7493:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7493:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential command injection via shell metacharacters...

MiracleLinux 9 : openssh-8.7p1-34.el9_3.3 (AXSA:2024-7578:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7578:02 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential command injection via shell metacharacters...

MiracleLinux 8 : libssh-0.9.6-13.el8_9 (AXSA:2024-7496:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7496:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 9 : buildah-1.31.4-1.el9_3 (AXSA:2024-7581:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7581:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 Tenable has extracted the preceding description block directly from the MiracleLin...

Erlang/OTP (Erlang OTP) Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - Linux

Erlang/OTP Erlang OTP is vulnerable to a novel prefix truncation attack a.k.a. Terrapin attack in the SSH component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Erlang/OTP (Erlang OTP) Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - Windows

Erlang/OTP Erlang OTP is vulnerable to a novel prefix truncation attack a.k.a. Terrapin attack in the SSH component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of ssh: Prefix truncation attack on Binary Packet Protocol BPP Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products...

Security Bulletin: TSSC/IMC is vulnerable to a Prefix truncation attack on Binary Packet Protocol

Summary TSSC/IMC is vulnerable to a Prefix truncation attack on Binary Packet Protocold. A patch has been provided that updates the systemd library. CVE-2023-48795, CVE-2023-51385 Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions,...

Security Bulletin: TSSC/IMC is vulnerable to a Prefix truncation attack on Binary Packet Protocol

Summary TSSC/IMC is vulnerable to a Prefix truncation attack on Binary Packet Protocold. A patch has been provided that updates the libssh library. CVE-2023-48795. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH...

Ubuntu: Security Advisory (USN-7051-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7051-1: AsyncSSH vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

USN-7051-1 python-asyncssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...