suse · CVE-2014-3566

Quick triage

Priority: critical Published: 2021-05-30 13:21:08 UTC Updated: 2026-04-18 18:39:11 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-3566 severity critical: SUSE including 646 source package names (PackageKit-0.8.16-11.15, PackageKit-backend-zypp-0.8.16-11.15, …), 1172 product×package rows across 101 product lines (HPE Helion OpenStack 8, Image SLES12-SP5-Azure-SAP-BYOS, … (101 product lines)): Fixed 731, Known Affected 231, Known Not Affected 210.

Description:

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

cvelogic Threat Intelligence