I would like to update the base image of the ilogtail container to replace CentOS, as CentOS is no longer receiving updates and CVE vulnerabilities are not being addressed in a timely manner.
Describe the solution you'd like (if any):
To mitigate security risks from outdated CentOS, I propose switching to a more actively maintained base image, such as ubuntu, debian, alpine, minideb, or another secure and regularly updated Linux distribution. This will ensure ilogtail stays secure and compliant with the latest security patches.
Additional comments:
By updating the base image, we can address security vulnerabilities more efficiently. This change will ensure that the ilogtail container remains robust and secure, without exposing users to known CVEs.
{
"Target": "sls-opensource-registry.cn-shanghai.cr.aliyuncs.com/ilogtail-community-edition/ilogtail:latest (centos 7.9.2009)",
"Class": "os-pkgs",
"Type": "centos",
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2023-4408",
"VendorIDs": [
"RHSA-2024:3741"
],
"PkgID": "[email protected]_9.15.noarch",
"PkgName": "bind-license",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9.15?arch=noarch\u0026distro=centos-7.9.2009\u0026epoch=32",
"UID": "1673398edb905dc4"
},
"InstalledVersion": "32:9.11.4-26.P2.el7_9.15",
"FixedVersion": "32:9.11.4-26.P2.el7_9.16",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4408",
"Title": "bind9: Parsing large DNS messages may cause excessive CPU load",
"Description": "The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.",
"Severity": "HIGH",
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"azure": 3,
"cbl-mariner": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"V3Score": 7.5
}
},
"PublishedDate": "2024-02-13T14:15:45.253Z",
"LastModifiedDate": "2024-04-26T09:15:08.727Z"
},
{
"VulnerabilityID": "CVE-2023-50387",
"VendorIDs": [
"RHSA-2024:3741"
],
"PkgID": "[email protected]_9.15.noarch",
"PkgName": "bind-license",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9.15?arch=noarch\u0026distro=centos-7.9.2009\u0026epoch=32",
"UID": "1673398edb905dc4"
},
"InstalledVersion": "32:9.11.4-26.P2.el7_9.15",
"FixedVersion": "32:9.11.4-26.P2.el7_9.16",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50387",
"Title": "bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator",
"Description": "Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.",
"Severity": "HIGH",
"CweIDs": [
"CWE-770"
],
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"azure": 3,
"cbl-mariner": 3,
"nvd": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"nvd": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"V3Score": 7.5
},
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"V3Score": 7.5
}
},
"PublishedDate": "2024-02-14T16:15:45.3Z",
"LastModifiedDate": "2024-06-10T17:16:15.963Z"
},
{
"VulnerabilityID": "CVE-2023-50868",
"VendorIDs": [
"RHSA-2024:3741"
],
"PkgID": "[email protected]_9.15.noarch",
"PkgName": "bind-license",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9.15?arch=noarch\u0026distro=centos-7.9.2009\u0026epoch=32",
"UID": "1673398edb905dc4"
},
"InstalledVersion": "32:9.11.4-26.P2.el7_9.15",
"FixedVersion": "32:9.11.4-26.P2.el7_9.16",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50868",
"Title": "bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources",
"Description": "The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.",
"Severity": "HIGH",
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"azure": 3,
"cbl-mariner": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"V3Score": 7.5
}
},
"PublishedDate": "2024-02-14T16:15:45.377Z",
"LastModifiedDate": "2024-06-10T17:16:16.2Z"
},
{
"VulnerabilityID": "CVE-2024-1737",
"VendorIDs": [
"RHSA-2024:5930"
],
"PkgID": "[email protected]_9.15.noarch",
"PkgName": "bind-license",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9.15?arch=noarch\u0026distro=centos-7.9.2009\u0026epoch=32",
"UID": "1673398edb905dc4"
},
"InstalledVersion": "32:9.11.4-26.P2.el7_9.15",
"FixedVersion": "32:9.11.4-26.P2.el7_9.17",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-1737",
"Title": "bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam",
"Description": "Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.",
"Severity": "HIGH",
"CweIDs": [
"CWE-770"
],
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"azure": 3,
"cbl-mariner": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"V3Score": 7.5
}
},
"PublishedDate": "2024-07-23T15:15:03.74Z",
"LastModifiedDate": "2024-08-01T13:46:11.85Z"
},
{
"VulnerabilityID": "CVE-2024-1975",
"VendorIDs": [
"RHSA-2024:5930"
],
"PkgID": "[email protected]_9.15.noarch",
"PkgName": "bind-license",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9.15?arch=noarch\u0026distro=centos-7.9.2009\u0026epoch=32",
"UID": "1673398edb905dc4"
},
"InstalledVersion": "32:9.11.4-26.P2.el7_9.15",
"FixedVersion": "32:9.11.4-26.P2.el7_9.17",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-1975",
"Title": "bind9: bind: SIG(0) can be used to exhaust CPU resources",
"Description": "If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.",
"Severity": "HIGH",
"CweIDs": [
"CWE-770"
],
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"azure": 3,
"cbl-mariner": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"V3Score": 7.5
}
},
"PublishedDate": "2024-07-23T15:15:03.943Z",
"LastModifiedDate": "2024-08-01T13:46:16.177Z"
},
{
"VulnerabilityID": "CVE-2024-2961",
"VendorIDs": [
"RHSA-2024:3588"
],
"PkgID": "[email protected]_9.x86_64",
"PkgName": "glibc",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "c13be43ad935a7"
},
"InstalledVersion": "2.17-326.el7_9",
"FixedVersion": "2.17-326.el7_9.3",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2961",
"Title": "glibc: Out of bounds write in iconv may lead to remote code execution",
"Description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.\n",
"Severity": "HIGH",
"CweIDs": [
"CWE-787"
],
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"V3Score": 8.8
}
},
"PublishedDate": "2024-04-17T18:15:15.833Z",
"LastModifiedDate": "2024-07-22T18:15:03.19Z"
},
{
"VulnerabilityID": "CVE-2024-33599",
"VendorIDs": [
"RHSA-2024:3588"
],
"PkgID": "[email protected]_9.x86_64",
"PkgName": "glibc",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "c13be43ad935a7"
},
"InstalledVersion": "2.17-326.el7_9",
"FixedVersion": "2.17-326.el7_9.3",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33599",
"Title": "glibc: stack-based buffer overflow in netgroup cache",
"Description": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon's (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.\n",
"Severity": "HIGH",
"CweIDs": [
"CWE-121"
],
"VendorSeverity": {
"alma": 3,
"cbl-mariner": 3,
"oracle-oval": 3,
"photon": 2,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"V3Score": 7.6
}
},
"PublishedDate": "2024-05-06T20:15:11.437Z",
"LastModifiedDate": "2024-07-22T18:15:03.323Z"
},
{
"VulnerabilityID": "CVE-2024-2961",
"VendorIDs": [
"RHSA-2024:3588"
],
"PkgID": "[email protected]_9.x86_64",
"PkgName": "glibc-common",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "a92585d1e88ca9b0"
},
"InstalledVersion": "2.17-326.el7_9",
"FixedVersion": "2.17-326.el7_9.3",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2961",
"Title": "glibc: Out of bounds write in iconv may lead to remote code execution",
"Description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.\n",
"Severity": "HIGH",
"CweIDs": [
"CWE-787"
],
"VendorSeverity": {
"alma": 3,
"amazon": 3,
"oracle-oval": 3,
"photon": 3,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"V3Score": 8.8
}
},
"PublishedDate": "2024-04-17T18:15:15.833Z",
"LastModifiedDate": "2024-07-22T18:15:03.19Z"
},
{
"VulnerabilityID": "CVE-2024-33599",
"VendorIDs": [
"RHSA-2024:3588"
],
"PkgID": "[email protected]_9.x86_64",
"PkgName": "glibc-common",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "a92585d1e88ca9b0"
},
"InstalledVersion": "2.17-326.el7_9",
"FixedVersion": "2.17-326.el7_9.3",
"Status": "fixed",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33599",
"Title": "glibc: stack-based buffer overflow in netgroup cache",
"Description": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon's (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.\n",
"Severity": "HIGH",
"CweIDs": [
"CWE-121"
],
"VendorSeverity": {
"alma": 3,
"cbl-mariner": 3,
"oracle-oval": 3,
"photon": 2,
"redhat": 3,
"rocky": 3,
"ubuntu": 2
},
"CVSS": {
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"V3Score": 7.6
}
},
"References": [
"http://www.openwall.com/lists/oss-security/2024/07/22/5",
"https://access.redhat.com/errata/RHSA-2024:3339",
"https://access.redhat.com/security/cve/CVE-2024-33599",
"https://bugzilla.redhat.com/2273404",
"https://bugzilla.redhat.com/2277202",
"https://bugzilla.redhat.com/2277204",
"https://bugzilla.redhat.com/2277205",
"https://bugzilla.redhat.com/2277206",
"https://bugzilla.redhat.com/show_bug.cgi?id=2273404",
"https://bugzilla.redhat.com/show_bug.cgi?id=2277202",
"https://bugzilla.redhat.com/show_bug.cgi?id=2277204",
"https://bugzilla.redhat.com/show_bug.cgi?id=2277205",
"https://bugzilla.redhat.com/show_bug.cgi?id=2277206",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602",
"https://errata.almalinux.org/9/ALSA-2024-3339.html",
"https://errata.rockylinux.org/RLSA-2024:3339",
"https://inbox.sourceware.org/libc-alpha/[email protected]/",
"https://linux.oracle.com/cve/CVE-2024-33599.html",
"https://linux.oracle.com/errata/ELSA-2024-3588.html",
"https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html",
"https://nvd.nist.gov/vuln/detail/CVE-2024-33599",
"https://security.netapp.com/advisory/ntap-20240524-0011/",
"https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005",
"https://ubuntu.com/security/notices/USN-6804-1",
"https://www.cve.org/CVERecord?id=CVE-2024-33599",
"https://www.openwall.com/lists/oss-security/2024/04/24/2"
],
"PublishedDate": "2024-05-06T20:15:11.437Z",
"LastModifiedDate": "2024-07-22T18:15:03.323Z"
},
{
"VulnerabilityID": "CVE-2014-3566",
"PkgID": "[email protected]_9.x86_64",
"PkgName": "nss",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "d3aa5802e6e3fbd4"
},
"InstalledVersion": "3.90.0-2.el7_9",
"Status": "under_investigation",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2014-3566",
"Title": "SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack",
"Description": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.",
"Severity": "HIGH",
"CweIDs": [
"CWE-310"
],
"VendorSeverity": {
"amazon": 3,
"nvd": 1,
"oracle-oval": 3,
"redhat": 3,
"ubuntu": 2
},
"CVSS": {
"nvd": {
"V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"V2Score": 4.3,
"V3Score": 3.4
},
"redhat": {
"V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"V2Score": 5
}
},
"References": [
"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc",
"http://advisories.mageia.org/MGASA-2014-0416.html",
"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html",
"http://askubuntu.com/a/537196",
"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566",
"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html",
"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/",
"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx",
"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf",
"http://downloads.asterisk.org/pub/security/AST-2014-011.html",
"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html",
"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581",
"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034",
"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html",
"http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624619906067",
"http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2",
"http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2",
"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html",
"http://rhn.redhat.com/errata/RHSA-2014-1652.html",
"http://rhn.redhat.com/errata/RHSA-2014-1653.html",
"http://rhn.redhat.com/errata/RHSA-2014-1692.html",
"http://rhn.redhat.com/errata/RHSA-2014-1876.html",
"http://rhn.redhat.com/errata/RHSA-2014-1877.html",
"http://rhn.redhat.com/errata/RHSA-2014-1880.html",
"http://rhn.redhat.com/errata/RHSA-2014-1881.html",
"http://rhn.redhat.com/errata/RHSA-2014-1882.html",
"http://rhn.redhat.com/errata/RHSA-2014-1920.html",
"http://rhn.redhat.com/errata/RHSA-2014-1948.html",
"http://rhn.redhat.com/errata/RHSA-2015-0068.html",
"http://rhn.redhat.com/errata/RHSA-2015-0079.html",
"http://rhn.redhat.com/errata/RHSA-2015-0080.html",
"http://rhn.redhat.com/errata/RHSA-2015-0085.html",
"http://rhn.redhat.com/errata/RHSA-2015-0086.html",
"http://rhn.redhat.com/errata/RHSA-2015-0264.html",
"http://rhn.redhat.com/errata/RHSA-2015-0698.html",
"http://rhn.redhat.com/errata/RHSA-2015-1545.html",
"http://rhn.redhat.com/errata/RHSA-2015-1546.html",
"http://secunia.com/advisories/59627",
"http://secunia.com/advisories/60056",
"http://secunia.com/advisories/60206",
"http://secunia.com/advisories/60792",
"http://secunia.com/advisories/60859",
"http://secunia.com/advisories/61019",
"http://secunia.com/advisories/61130",
"http://secunia.com/advisories/61303",
"http://secunia.com/advisories/61316",
"http://secunia.com/advisories/61345",
"http://secunia.com/advisories/61359",
"http://secunia.com/advisories/61782",
"http://secunia.com/advisories/61810",
"http://secunia.com/advisories/61819",
"http://secunia.com/advisories/61825",
"http://secunia.com/advisories/61827",
"http://secunia.com/advisories/61926",
"http://secunia.com/advisories/61995",
"http://support.apple.com/HT204244",
"http://support.citrix.com/article/CTX200238",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle",
"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431",
"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439",
"http://www-01.ibm.com/support/docview.wss?uid=swg21686997",
"http://www-01.ibm.com/support/docview.wss?uid=swg21687172",
"http://www-01.ibm.com/support/docview.wss?uid=swg21687611",
"http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"http://www-01.ibm.com/support/docview.wss?uid=swg21692299",
"http://www.debian.org/security/2014/dsa-3053",
"http://www.debian.org/security/2015/dsa-3144",
"http://www.debian.org/security/2015/dsa-3147",
"http://www.debian.org/security/2015/dsa-3253",
"http://www.debian.org/security/2016/dsa-3489",
"http://www.kb.cert.org/vuls/id/577193",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"http://www.securityfocus.com/archive/1/533724/100/0/threaded",
"http://www.securityfocus.com/archive/1/533746",
"http://www.securityfocus.com/archive/1/533747",
"http://www.securityfocus.com/bid/70574",
"http://www.securitytracker.com/id/1031029",
"http://www.securitytracker.com/id/1031039",
"http://www.securitytracker.com/id/1031085",
"http://www.securitytracker.com/id/1031086",
"http://www.securitytracker.com/id/1031087",
"http://www.securitytracker.com/id/1031088",
"http://www.securitytracker.com/id/1031089",
"http://www.securitytracker.com/id/1031090",
"http://www.securitytracker.com/id/1031091",
"http://www.securitytracker.com/id/1031092",
"http://www.securitytracker.com/id/1031093",
"http://www.securitytracker.com/id/1031094",
"http://www.securitytracker.com/id/1031095",
"http://www.securitytracker.com/id/1031096",
"http://www.securitytracker.com/id/1031105",
"http://www.securitytracker.com/id/1031106",
"http://www.securitytracker.com/id/1031107",
"http://www.securitytracker.com/id/1031120",
"http://www.securitytracker.com/id/1031123",
"http://www.securitytracker.com/id/1031124",
"http://www.securitytracker.com/id/1031130",
"http://www.securitytracker.com/id/1031131",
"http://www.securitytracker.com/id/1031132",
"http://www.ubuntu.com/usn/USN-2486-1",
"http://www.ubuntu.com/usn/USN-2487-1",
"http://www.us-cert.gov/ncas/alerts/TA14-290A",
"http://www.vmware.com/security/advisories/VMSA-2015-0003.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm",
"https://access.redhat.com/articles/1232123",
"https://access.redhat.com/security/cve/CVE-2014-3566",
"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/",
"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6",
"https://bto.bluecoat.com/security-advisory/sa83",
"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983",
"https://bugzilla.redhat.com/show_bug.cgi?id=1152789",
"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip",
"https://github.com/mpgn/poodle-PoC",
"https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090",
"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091",
"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104",
"https://linux.oracle.com/cve/CVE-2014-3566.html",
"https://linux.oracle.com/errata/ELSA-2015-0085.html",
"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E",
"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E",
"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E",
"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E",
"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E",
"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E",
"https://nvd.nist.gov/vuln/detail/CVE-2014-3566",
"https://puppet.com/security/cve/poodle-sslv3-vulnerability",
"https://security.gentoo.org/glsa/201507-14",
"https://security.gentoo.org/glsa/201606-11",
"https://security.netapp.com/advisory/ntap-20141015-0001/",
"https://support.apple.com/HT205217",
"https://support.apple.com/kb/HT6527",
"https://support.apple.com/kb/HT6529",
"https://support.apple.com/kb/HT6531",
"https://support.apple.com/kb/HT6535",
"https://support.apple.com/kb/HT6536",
"https://support.apple.com/kb/HT6541",
"https://support.apple.com/kb/HT6542",
"https://support.citrix.com/article/CTX216642",
"https://support.lenovo.com/product_security/poodle",
"https://support.lenovo.com/us/en/product_security/poodle",
"https://technet.microsoft.com/library/security/3009008.aspx",
"https://ubuntu.com/security/notices/USN-2486-1",
"https://ubuntu.com/security/notices/USN-2487-1",
"https://www-01.ibm.com/support/docview.wss?uid=swg21688165",
"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7",
"https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html",
"https://www.cve.org/CVERecord?id=CVE-2014-3566",
"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html",
"https://www.elastic.co/blog/logstash-1-4-3-released",
"https://www.imperialviolet.org/2014/10/14/poodle.html",
"https://www.openssl.org/news/secadv_20141015.txt",
"https://www.openssl.org/~bodo/ssl-poodle.pdf",
"https://www.suse.com/support/kb/doc.php?id=7015773"
],
"PublishedDate": "2014-10-15T00:55:02.137Z",
"LastModifiedDate": "2023-09-12T14:55:31.563Z"
},
{
"VulnerabilityID": "CVE-2014-3566",
"PkgID": "[email protected]_9.x86_64",
"PkgName": "nss-sysinit",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/[email protected]_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "4d0ff0e597e0bee8"
},
"InstalledVersion": "3.90.0-2.el7_9",
"Status": "under_investigation",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2014-3566",
"Title": "SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack",
"Description": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.",
"Severity": "HIGH",
"CweIDs": [
"CWE-310"
],
"VendorSeverity": {
"amazon": 3,
"nvd": 1,
"oracle-oval": 3,
"redhat": 3,
"ubuntu": 2
},
"CVSS": {
"nvd": {
"V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"V2Score": 4.3,
"V3Score": 3.4
},
"redhat": {
"V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"V2Score": 5
}
},
"References": [
"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc",
"http://advisories.mageia.org/MGASA-2014-0416.html",
"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html",
"http://askubuntu.com/a/537196",
"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566",
"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html",
"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/",
"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx",
"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf",
"http://downloads.asterisk.org/pub/security/AST-2014-011.html",
"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html",
"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581",
"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034",
"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html",
"http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624619906067",
"http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2",
"http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2",
"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html",
"http://rhn.redhat.com/errata/RHSA-2014-1652.html",
"http://rhn.redhat.com/errata/RHSA-2014-1653.html",
"http://rhn.redhat.com/errata/RHSA-2014-1692.html",
"http://rhn.redhat.com/errata/RHSA-2014-1876.html",
"http://rhn.redhat.com/errata/RHSA-2014-1877.html",
"http://rhn.redhat.com/errata/RHSA-2014-1880.html",
"http://rhn.redhat.com/errata/RHSA-2014-1881.html",
"http://rhn.redhat.com/errata/RHSA-2014-1882.html",
"http://rhn.redhat.com/errata/RHSA-2014-1920.html",
"http://rhn.redhat.com/errata/RHSA-2014-1948.html",
"http://rhn.redhat.com/errata/RHSA-2015-0068.html",
"http://rhn.redhat.com/errata/RHSA-2015-0079.html",
"http://rhn.redhat.com/errata/RHSA-2015-0080.html",
"http://rhn.redhat.com/errata/RHSA-2015-0085.html",
"http://rhn.redhat.com/errata/RHSA-2015-0086.html",
"http://rhn.redhat.com/errata/RHSA-2015-0264.html",
"http://rhn.redhat.com/errata/RHSA-2015-0698.html",
"http://rhn.redhat.com/errata/RHSA-2015-1545.html",
"http://rhn.redhat.com/errata/RHSA-2015-1546.html",
"http://secunia.com/advisories/59627",
"http://secunia.com/advisories/60056",
"http://secunia.com/advisories/60206",
"http://secunia.com/advisories/60792",
"http://secunia.com/advisories/60859",
"http://secunia.com/advisories/61019",
"http://secunia.com/advisories/61130",
"http://secunia.com/advisories/61303",
"http://secunia.com/advisories/61316",
"http://secunia.com/advisories/61345",
"http://secunia.com/advisories/61359",
"https://www.suse.com/support/kb/doc.php?id=7015773"
],
"PublishedDate": "2014-10-15T00:55:02.137Z",
"LastModifiedDate": "2023-09-12T14:55:31.563Z"
},
{
"VulnerabilityID": "CVE-2014-3566",
"PkgID": "nss-tools@3.90.0-2.el7_9.x86_64",
"PkgName": "nss-tools",
"PkgIdentifier": {
"PURL": "pkg:rpm/centos/nss-tools@3.90.0-2.el7_9?arch=x86_64\u0026distro=centos-7.9.2009",
"UID": "159868f6d5fe274d"
},
"InstalledVersion": "3.90.0-2.el7_9",
"Status": "under_investigation",
"Layer": {
"Digest": "sha256:cc9d0ff701a0876b6fc54f4968f40cb4bba24cab5e0a6f66435be45320c91d75",
"DiffID": "sha256:1730dd925a68d4809b977751080d4a0154d9c35defb774c7be5af01f8c038063"
},
"SeveritySource": "redhat",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2014-3566",
"Title": "SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack",
"Description": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.",
"Severity": "HIGH",
"CweIDs": [
"CWE-310"
],
"VendorSeverity": {
"amazon": 3,
"nvd": 1,
"oracle-oval": 3,
"redhat": 3,
"ubuntu": 2
},
"CVSS": {
"nvd": {
"V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"V2Score": 4.3,
"V3Score": 3.4
},
"redhat": {
"V2Vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"V2Score": 5
}
},
"PublishedDate": "2014-10-15T00:55:02.137Z",
"LastModifiedDate": "2023-09-12T14:55:31.563Z"
}
]
}
Yes, CentOS 7 has reached its end of life, and we are in the process of replacing it. However, this transition is introducing compatibility issues due to the newer version of glibc. Additionally, the new image must include the GCC 9 toolchain, as our projects depend on it.