The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 3.4 | Low | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N |
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | NASA CFITSIO 3.42 |
| n/a | n/a | Version 1703 for 32-bit Systems |