LOW✓ PATCH🇵🇱 Wersja polska

CVE-2014-3566

CVSS 3.4v3.1pub. 2014-10-15upd. 2026-05-28

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
  • Apple Mac Os X

    OS
    Apple
    ≤ 10.10.1
  • Fedora Project Fedora

    OS
    Fedoraproject
    192021
  • IBM Aix

    OS
    Ibm
    5.36.17.1
  • IBM Vios

    APP
    Ibm
    2.2.0.102.2.0.112.2.0.122.2.0.132.2.1.02.2.1.12.2.1.32.2.1.42.2.1.52.2.1.62.2.1.72.2.1.82.2.1.9
  • Mageia

    OS
    Mageia
    3.04.0
  • Novell SUSE Linux Enterprise Desktop

    OS
    Novell
    10.011.012.09.0
  • Novell SUSE Linux Enterprise Server

    OS
    Novell
    11.012.0
  • Novell SUSE Linux Enterprise Software Development Kit

    APP
    Novell
    11.012.0
  • OpenSSL

    APP
    Openssl
    0.9.80.9.8a0.9.8b0.9.8c0.9.8d0.9.8e0.9.8f0.9.8g0.9.8h0.9.8i0.9.8j0.9.8k0.9.8l0.9.8m0.9.8n+ 39 więcej
  • Opensuse

    OS
    Opensuse
    12.313.1
  • Red Hat Enterprise Linux

    OS
    Redhat
    5
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Desktop Supplementary

    OS
    Redhat
    5.06.0
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Server Supplementary

    OS
    Redhat
    5.06.07.0
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Workstation Supplementary

    OS
    Redhat
    6.07.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox