Loading
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Use CWE-310, Redhat vendor hub and Enterprise Linux product page to widen CVE-2014-3566 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-28369, CVE-2026-28368 and CVE-2026-35091 for nearby disclosures in the same product family.