Search for packages
Package details: pkg:deb/debian/pound@2.4.3-1
purl pkg:deb/debian/pound@2.4.3-1
Next non-vulnerable version 3.0-2
Latest non-vulnerable version 3.0-2
Risk 10.0
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-4qww-3wn9-aaag
Aliases:
CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
2.6-2+deb7u1
Affected by 5 other vulnerabilities.
2.6-6
Affected by 5 other vulnerabilities.
2.6-6+deb8u1
Affected by 3 other vulnerabilities.
VCID-55ga-282t-aaah
Aliases:
CVE-2009-3555
GHSA-f7w7-6pjc-wwm6
VC-OPENSSL-20091105-CVE-2009-3555
VU#120541
The renegotiation vulnerability in SSL protocol
2.6-2+deb7u1
Affected by 5 other vulnerabilities.
2.6-6+deb8u1
Affected by 3 other vulnerabilities.
2.7-1.3+deb9u1
Affected by 2 other vulnerabilities.
VCID-835z-95xm-aaas
Aliases:
CVE-2018-21245
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.
3.0-2
Affected by 0 other vulnerabilities.
VCID-9dxv-6zus-aaan
Aliases:
CVE-2012-4929
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
2.6-2+deb7u1
Affected by 5 other vulnerabilities.
2.6-6
Affected by 5 other vulnerabilities.
2.6-6+deb8u1
Affected by 3 other vulnerabilities.
VCID-ekez-5d4t-aaaf
Aliases:
CVE-2016-10711
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
3.0-2
Affected by 0 other vulnerabilities.
VCID-uynu-zf1g-aaae
Aliases:
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
2.6-2+deb7u1
Affected by 5 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T09:59:54.140979+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T09:51:10.013590+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T09:34:28.927410+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T09:18:42.999807+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:14:30.552089+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T09:06:04.236411+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.3
2025-06-21T06:28:38.288168+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf None 36.1.3
2025-06-21T05:03:19.212369+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan None 36.1.3
2025-06-21T04:40:38.267569+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas None 36.1.3
2025-06-21T04:30:15.909043+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.1.3
2025-06-21T02:22:46.748940+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae None 36.1.3
2025-06-20T19:20:49.701014+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.1.3
2025-06-08T12:02:18.104570+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T03:48:59.690402+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-08T03:39:49.668762+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-08T03:23:03.256948+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-08T03:06:32.518924+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T03:02:11.469236+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T02:53:12.662317+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.1.0
2025-06-08T00:07:50.779488+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf None 36.1.0
2025-06-07T22:40:47.636392+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan None 36.1.0
2025-06-07T22:17:29.606655+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas None 36.1.0
2025-06-07T22:06:39.578690+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.1.0
2025-06-07T19:46:37.529067+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae None 36.1.0
2025-06-07T13:20:22.760001+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.1.0
2025-06-03T13:19:49.729523+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.1.2
2025-04-12T21:22:48.352122+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:50:50.505632+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:43:38.352370+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:46:27.249884+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:40:10.522694+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:47:39.538556+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T02:16:47.505960+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-08T02:07:38.296119+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-08T01:50:26.314327+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-08T01:33:46.074639+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:29:19.674351+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-08T01:20:27.295651+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 36.0.0
2025-04-07T22:40:10.119457+00:00 Debian Oval Importer Affected by VCID-ekez-5d4t-aaaf None 36.0.0
2025-04-07T21:12:28.917507+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan None 36.0.0
2025-04-07T20:48:58.319211+00:00 Debian Oval Importer Affected by VCID-835z-95xm-aaas None 36.0.0
2025-04-07T20:37:59.435952+00:00 Debian Oval Importer Affected by VCID-4qww-3wn9-aaag None 36.0.0
2025-04-07T18:24:26.684514+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae None 36.0.0
2025-04-07T11:55:55.102238+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah None 36.0.0
2024-11-29T08:54:17.684934+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-29T08:54:14.050648+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 35.0.0
2024-11-29T08:54:13.351647+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-11-28T11:52:43.737417+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T08:00:48.943185+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T08:00:44.661228+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 35.0.0
2024-11-27T08:00:43.952213+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 35.0.0
2024-10-14T16:39:39.946982+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-14T16:39:36.132665+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.2
2024-10-14T16:39:35.435183+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-10-13T23:17:32.761803+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T04:02:36.024510+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T04:02:31.697503+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.2
2024-10-13T04:02:30.978799+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.2
2024-09-21T10:34:35.222485+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-21T10:34:31.562969+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.1
2024-09-21T10:34:30.856011+00:00 Debian Oval Importer Affected by VCID-9dxv-6zus-aaan https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1
2024-09-21T03:53:46.502802+00:00 Debian Oval Importer Affected by VCID-uynu-zf1g-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:07:02.595160+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:06:57.625701+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 34.0.1
2024-09-20T20:06:56.923035+00:00 Debian Oval Importer Affected by VCID-55ga-282t-aaah https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 34.0.1