DEBIAN-CVE-2014-3566

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2014-3566

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2014-3566

Upstream

CVE-2014-3566

Published

2014-10-15T00:55:02.137Z

Modified

2025-11-14T04:00:27.623117Z

Severity

3.4 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

References

https://security-tracker.debian.org/tracker/CVE-2014-3566

Affected packages

Debian:11

epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.38.2-1

3.38.2-1+deb11u1

3.38.2-1+deb11u2

3.38.2-1+deb11u3

Other

40~beta-1

40~rc-1

41~beta-1

41~rc-1

42~beta-1

42~beta-2

43~beta-1

43~rc-1

44~rc-1

45~beta-1

46~alpha-1

46~beta-1

47~beta-1

47~rc-1

48~beta-1

48~rc-1

48~rc-2

40.*

40.0-1

40.0-2

40.1-1

40.2-1

40.3-1

40.3-2

41.*

41.0-1

41.0-2

41.2-1

41.3-1

41.3-2

42.*

42.0-1

42.0-2

42.1-1

42.2-1

42.3-1

42.4-1

43.*

43.0-1

43.0-2

43.1-1

44.*

44.0-1

44.1-1

44.2-1

44.3-1

44.5-1

44.5-2

44.6-1

45.*

45.0-1

45.1-1

45.2-1

46.*

46.0-1

46.0-2

46.1-1

46.2-1

46.3-1

47.*

47.0-1

47.2-1

48.*

48.0-1

48.1-1

48.2-1

48.3-1

48.3-2

48.5-1

48.5-2

48.5-3

49.*

49.0-1

49.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

midori

Package

Name: midori
Purl: pkg:deb/debian/midori?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.0-2.1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

pound

Package

Name: pound
Purl: pkg:deb/debian/pound?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0+git20201107-2

2.1+git20210719-1

2.1+git20210719-2

2.1+git20220504-1

2.1+git20220504-2

2.1+git20221016-1

2.1+git20221016-2

2.1+git20221016-3

2.1+git20221016-4

2.1+git20221016-5

2.1+git20221016-6

2.1+git20240324-1

2.1+git20250419-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

Debian:12

epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.1-1

Other

44~rc-1

45~beta-1

46~alpha-1

46~beta-1

47~beta-1

47~rc-1

48~beta-1

48~rc-1

48~rc-2

44.*

44.0-1

44.1-1

44.2-1

44.3-1

44.5-1

44.5-2

44.6-1

45.*

45.0-1

45.1-1

45.2-1

46.*

46.0-1

46.0-2

46.1-1

46.2-1

46.3-1

47.*

47.0-1

47.2-1

48.*

48.0-1

48.1-1

48.2-1

48.3-1

48.3-2

48.5-1

48.5-2

48.5-3

49.*

49.0-1

49.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1+git20221016-4

2.1+git20221016-5

2.1+git20221016-6

2.1+git20240324-1

2.1+git20250419-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

Debian:13

epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

48.*

48.3-2

48.5-0+deb13u1

48.5-1

48.5-2

48.5-3

49.*

49.0-1

49.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

pound

Package

Name: pound
Purl: pkg:deb/debian/pound?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1+git20250419-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

Debian:14

epiphany-browser

Package

Name: epiphany-browser
Purl: pkg:deb/debian/epiphany-browser?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

48.*

48.3-2

48.5-1

48.5-2

48.5-3

49.*

49.0-1

49.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

erlang

Package

Name: erlang
Purl: pkg:deb/debian/erlang?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:17.3-dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

gnutls28

Package

Name: gnutls28
Purl: pkg:deb/debian/gnutls28?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

haskell-tls

Package

Name: haskell-tls
Purl: pkg:deb/debian/haskell-tls?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.9-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

lighttpd

Package

Name: lighttpd
Purl: pkg:deb/debian/lighttpd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.35-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

netsurf

Package

Name: netsurf
Purl: pkg:deb/debian/netsurf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

nss

Package

Name: nss
Purl: pkg:deb/debian/nss?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.17.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

openssl

Package

Name: openssl
Purl: pkg:deb/debian/openssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1j-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

pound

Package

Name: pound
Purl: pkg:deb/debian/pound?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

surf

Package

Name: surf
Purl: pkg:deb/debian/surf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1+git20250419-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"

wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.8+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-3566.json"