VYPR
Medium severity5.9NVD Advisory· Published Nov 14, 2023· Updated Jun 17, 2026

CVE-2023-46445

CVE-2023-46445

Description

An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
asyncsshPyPI
< 2.14.12.14.1

Affected products

2

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.