CVE-2014-3566

Source
https://nvd.nist.gov/vuln/detail/CVE-2014-3566
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-3566.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2014-3566
Related
Published
2014-10-15T00:55:02Z
Modified
2024-09-18T18:48:28.475308Z
Severity
  • 3.4 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

References

Affected packages

Debian:11 / epiphany-browser

Package

Name
epiphany-browser
Purl
pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.38.2-1
3.38.2-1+deb11u1
3.38.2-1+deb11u2
3.38.2-1+deb11u3

Other

40~beta-1
40~rc-1
41~beta-1
41~rc-1
42~beta-1
42~beta-2
43~beta-1
43~rc-1
44~rc-1
45~beta-1
46~alpha-1
46~beta-1
47~beta-1
47~rc-1

40.*

40.0-1
40.0-2
40.1-1
40.2-1
40.3-1
40.3-2

41.*

41.0-1
41.0-2
41.2-1
41.3-1
41.3-2

42.*

42.0-1
42.0-2
42.1-1
42.2-1
42.3-1
42.4-1

43.*

43.0-1
43.0-2
43.1-1

44.*

44.0-1
44.1-1
44.2-1
44.3-1
44.5-1
44.5-2
44.6-1

45.*

45.0-1
45.1-1
45.2-1

46.*

46.0-1
46.0-2
46.1-1
46.2-1
46.3-1

47.*

47.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / epiphany-browser

Package

Name
epiphany-browser
Purl
pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.1-1

Other

44~rc-1
45~beta-1
46~alpha-1
46~beta-1
47~beta-1
47~rc-1

44.*

44.0-1
44.1-1
44.2-1
44.3-1
44.5-1
44.5-2
44.6-1

45.*

45.0-1
45.1-1
45.2-1

46.*

46.0-1
46.0-2
46.1-1
46.2-1
46.3-1

47.*

47.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / epiphany-browser

Package

Name
epiphany-browser
Purl
pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.1-1

Other

44~rc-1
45~beta-1
46~alpha-1
46~beta-1
47~beta-1
47~rc-1

44.*

44.0-1
44.1-1
44.2-1
44.3-1
44.5-1
44.5-2
44.6-1

45.*

45.0-1
45.1-1
45.2-1

46.*

46.0-1
46.0-2
46.1-1
46.2-1
46.3-1

47.*

47.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / erlang

Package

Name
erlang
Purl
pkg:deb/debian/erlang?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / erlang

Package

Name
erlang
Purl
pkg:deb/debian/erlang?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / erlang

Package

Name
erlang
Purl
pkg:deb/debian/erlang?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / gnutls28

Package

Name
gnutls28
Purl
pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / gnutls28

Package

Name
gnutls28
Purl
pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / gnutls28

Package

Name
gnutls28
Purl
pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / haskell-tls

Package

Name
haskell-tls
Purl
pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / haskell-tls

Package

Name
haskell-tls
Purl
pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / haskell-tls

Package

Name
haskell-tls
Purl
pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / lighttpd

Package

Name
lighttpd
Purl
pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / lighttpd

Package

Name
lighttpd
Purl
pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / lighttpd

Package

Name
lighttpd
Purl
pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / midori

Package

Name
midori
Purl
pkg:deb/debian/midori?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.0-2.1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / netsurf

Package

Name
netsurf
Purl
pkg:deb/debian/netsurf?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / netsurf

Package

Name
netsurf
Purl
pkg:deb/debian/netsurf?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / netsurf

Package

Name
netsurf
Purl
pkg:deb/debian/netsurf?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / nss

Package

Name
nss
Purl
pkg:deb/debian/nss?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / nss

Package

Name
nss
Purl
pkg:deb/debian/nss?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / nss

Package

Name
nss
Purl
pkg:deb/debian/nss?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / openssl

Package

Name
openssl
Purl
pkg:deb/debian/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / openssl

Package

Name
openssl
Purl
pkg:deb/debian/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / openssl

Package

Name
openssl
Purl
pkg:deb/debian/openssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / pound

Package

Name
pound
Purl
pkg:deb/debian/pound?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / pound

Package

Name
pound
Purl
pkg:deb/debian/pound?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6-6

Affected versions

1.*

1.7-1
1.8.2-1
1.8.2-1sarge1
1.8.2-1.1
1.9-1
1.9.3-1
1.9.4-1

2.*

2.0-1
2.0-1.1
2.0-1.2
2.2.7-1
2.2.7-2
2.4-1
2.4-2
2.4.2-1
2.4.3-1
2.4.5-1
2.4.5-2
2.4.5-3
2.5-1
2.5-1.1
2.6-1
2.6-2
2.6-3
2.6-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / surf

Package

Name
surf
Purl
pkg:deb/debian/surf?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0+git20201107-2
2.1+git20210719-1
2.1+git20210719-2
2.1+git20220504-1
2.1+git20220504-2
2.1+git20221016-1
2.1+git20221016-2
2.1+git20221016-3
2.1+git20221016-4
2.1+git20221016-5
2.1+git20221016-6

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / surf

Package

Name
surf
Purl
pkg:deb/debian/surf?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1+git20221016-4
2.1+git20221016-5
2.1+git20221016-6

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / wolfssl

Package

Name
wolfssl
Purl
pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wolfssl

Package

Name
wolfssl
Purl
pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wolfssl

Package

Name
wolfssl
Purl
pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}