CVE-2014-3566
Published
CVSS v3
3.4
LOW
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
:poodle: Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 :poodle:
GitHub