CVE-2014-3566

ADVISORY - nist

Summary

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

EPSS Score⁠: 0.94196 (0.999)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-310⁠

Cryptographic Issues

ADVISORY - redhat

(CWE-636|CWE-757)⁠

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.