USN-6589-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2023-48795 UBUNTU-CVE-2023-48795

Published: 18 Jan 2024, 17:55

Last modified:27 Apr 2026, 17:02

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Jan 2024, 17:55

Published

Vulnerability first disclosed

27 Apr 2026, 17:02

Last Modified

Vulnerability information updated

Description

filezilla vulnerability Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information.

Affected Systems

ubuntu•filezilla
< 3.46.3-1ubuntu0.1 | < 3.58.0-1ubuntu0.1

References (2)

https://ubuntu.com/security/notices/USN-6589-1
https://ubuntu.com/security/CVE-2023-48795