CVE-2014-3566

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2014-3566

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-3566.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2014-3566

Related

Published

2014-10-15T00:55:02Z

Modified

2024-11-22T10:45:26.288691Z

Severity

3.4 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

References

Affected packages

Debian:11 / epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.38.2-1

3.38.2-1+deb11u1

3.38.2-1+deb11u2

3.38.2-1+deb11u3

Other

40~beta-1

40~rc-1

41~beta-1

41~rc-1

42~beta-1

42~beta-2

43~beta-1

43~rc-1

44~rc-1

45~beta-1

46~alpha-1

46~beta-1

47~beta-1

47~rc-1

40.*

40.0-1

40.0-2

40.1-1

40.2-1

40.3-1

40.3-2

41.*

41.0-1

41.0-2

41.2-1

41.3-1

41.3-2

42.*

42.0-1

42.0-2

42.1-1

42.2-1

42.3-1

42.4-1

43.*

43.0-1

43.0-2

43.1-1

44.*

44.0-1

44.1-1

44.2-1

44.3-1

44.5-1

44.5-2

44.6-1

45.*

45.0-1

45.1-1

45.2-1

46.*

46.0-1

46.0-2

46.1-1

46.2-1

46.3-1

47.*

47.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.1-1

Other

44~rc-1

45~beta-1

46~alpha-1

46~beta-1

47~beta-1

47~rc-1

44.*

44.0-1

44.1-1

44.2-1

44.3-1

44.5-1

44.5-2

44.6-1

45.*

45.0-1

45.1-1

45.2-1

46.*

46.0-1

46.0-2

46.1-1

46.2-1

46.3-1

47.*

47.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.1-1

Other

44~rc-1

45~beta-1

46~alpha-1

46~beta-1

47~beta-1

47~rc-1

44.*

44.0-1

44.1-1

44.2-1

44.3-1

44.5-1

44.5-2

44.6-1

45.*

45.0-1

45.1-1

45.2-1

46.*

46.0-1

46.0-2

46.1-1

46.2-1

46.3-1

47.*

47.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / midori

Package

Name: midori
Purl: pkg:deb/debian/midori?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.0-2.1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / pound

Package

Name: pound
Purl: pkg:deb/debian/pound?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / pound

Package

Name: pound
Purl: pkg:deb/debian/pound?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6-6

Affected versions

1.*

1.7-1

1.8.2-1

1.8.2-1sarge1

1.8.2-1.1

1.9-1

1.9.3-1

1.9.4-1

2.*

2.0-1

2.0-1.1

2.0-1.2

2.2.7-1

2.2.7-2

2.4-1

2.4-2

2.4.2-1

2.4.3-1

2.4.5-1

2.4.5-2

2.4.5-3

2.5-1

2.5-1.1

2.6-1

2.6-2

2.6-3

2.6-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0+git20201107-2

2.1+git20210719-1

2.1+git20210719-2

2.1+git20220504-1

2.1+git20220504-2

2.1+git20221016-1

2.1+git20221016-2

2.1+git20221016-3

2.1+git20221016-4

2.1+git20221016-5

2.1+git20221016-6

2.1+git20240324-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1+git20221016-4

2.1+git20221016-5

2.1+git20221016-6

2.1+git20240324-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1+git20221016-4

2.1+git20221016-5

2.1+git20221016-6

2.1+git20240324-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}