Search for packages
Package details: pkg:deb/debian/pound@2.6-2%2Bdeb7u1
purl pkg:deb/debian/pound@2.6-2%2Bdeb7u1
Next non-vulnerable version 3.0-2
Latest non-vulnerable version 3.0-2
Risk 10.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-4qww-3wn9-aaag
Aliases:
CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
2.6-6
Affected by 5 other vulnerabilities.
2.6-6+deb8u1
Affected by 3 other vulnerabilities.
VCID-55ga-282t-aaah
Aliases:
CVE-2009-3555
GHSA-f7w7-6pjc-wwm6
VC-OPENSSL-20091105-CVE-2009-3555
VU#120541
The renegotiation vulnerability in SSL protocol
2.6-6+deb8u1
Affected by 3 other vulnerabilities.
2.7-1.3+deb9u1
Affected by 2 other vulnerabilities.
VCID-835z-95xm-aaas
Aliases:
CVE-2018-21245
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.
3.0-2
Affected by 0 other vulnerabilities.
VCID-9dxv-6zus-aaan
Aliases:
CVE-2012-4929
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
2.6-6
Affected by 5 other vulnerabilities.
2.6-6+deb8u1
Affected by 3 other vulnerabilities.
VCID-ekez-5d4t-aaaf
Aliases:
CVE-2016-10711
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
3.0-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-4qww-3wn9-aaag The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. CVE-2014-3566
VCID-55ga-282t-aaah The renegotiation vulnerability in SSL protocol CVE-2009-3555
GHSA-f7w7-6pjc-wwm6
VC-OPENSSL-20091105-CVE-2009-3555
VU#120541
VCID-9dxv-6zus-aaan The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack. CVE-2012-4929
VCID-uynu-zf1g-aaae The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. CVE-2011-3389

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T09:59:54.149140+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T09:51:10.020306+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T09:34:28.934195+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T09:18:43.006456+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:14:30.557984+00:00 Debian Oval Importer Fixing VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:04.242340+00:00 Debian Oval Importer Fixing VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T06:28:38.294174+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf None 36.1.3
2025-06-21T05:03:19.218612+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan None 36.1.3
2025-06-21T04:40:38.272988+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas None 36.1.3
2025-06-21T04:30:15.915708+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.1.3
2025-06-21T02:22:46.755626+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae None 36.1.3
2025-06-20T19:48:11.264148+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.1.3
2025-06-20T19:20:49.707247+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah None 36.1.3
2025-06-08T12:02:18.110068+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T03:48:59.695551+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-08T03:39:49.674199+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-08T03:23:03.262159+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-08T03:06:32.523834+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:02:11.475254+00:00 Debian Oval Importer Fixing VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:12.670306+00:00 Debian Oval Importer Fixing VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T00:07:50.784749+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf None 36.1.0
2025-06-07T22:40:47.643402+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan None 36.1.0
2025-06-07T22:17:29.612183+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas None 36.1.0
2025-06-07T22:06:39.584321+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.1.0
2025-06-07T19:46:37.534497+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae None 36.1.0
2025-06-07T13:40:17.542557+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.1.0
2025-06-07T13:20:22.765894+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah None 36.1.0
2025-06-03T13:19:49.735220+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah None 36.1.2
2025-04-12T21:22:48.366692+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:50:50.520334+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:43:38.366993+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:46:27.266551+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:40:10.538129+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:47:39.553917+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T02:16:47.521008+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-08T02:07:38.311105+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-08T01:50:26.329057+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-08T01:33:46.090194+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:29:19.689495+00:00 Debian Oval Importer Fixing VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:20:27.311068+00:00 Debian Oval Importer Fixing VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T22:40:10.135622+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf None 36.0.0
2025-04-07T21:12:28.932681+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan None 36.0.0
2025-04-07T20:48:58.335796+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas None 36.0.0
2025-04-07T20:37:59.452512+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.0.0
2025-04-07T18:24:26.697984+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae None 36.0.0
2025-04-07T12:15:38.628608+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.0.0
2025-04-07T11:55:55.116883+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah None 36.0.0
2024-11-29T08:54:17.699649+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-29T08:54:14.067330+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 35.0.0
2024-11-29T08:54:13.366710+00:00 Debian Oval Importer Fixing VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-11-28T11:52:43.752292+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T08:00:48.958991+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T08:00:44.677081+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 35.0.0
2024-11-27T08:00:43.967602+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-10-14T16:39:39.961364+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-14T16:39:36.147071+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.2
2024-10-14T16:39:35.449575+00:00 Debian Oval Importer Fixing VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-10-13T23:17:32.776205+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T04:02:36.038986+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T04:02:31.711879+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.2
2024-10-13T04:02:30.994238+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-09-21T10:34:35.236787+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-21T10:34:31.580166+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.1
2024-09-21T10:34:30.871843+00:00 Debian Oval Importer Fixing VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1
2024-09-21T03:53:46.521959+00:00 Debian Oval Importer Fixing VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:07:02.609751+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:06:57.640201+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.1
2024-09-20T20:06:56.942082+00:00 Debian Oval Importer Fixing VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1