Search for packages
Package details: pkg:deb/ubuntu/pound@2.4-2
purl pkg:deb/ubuntu/pound@2.4-2
Next non-vulnerable version 2.8-2
Latest non-vulnerable version 2.8-2
Risk 10.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-4qww-3wn9-aaag
Aliases:
CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
2.6-6.1
Affected by 2 other vulnerabilities.
VCID-835z-95xm-aaas
Aliases:
CVE-2018-21245
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.
2.6-6.1ubuntu0.1
Affected by 1 other vulnerability.
2.8-2
Affected by 0 other vulnerabilities.
VCID-ekez-5d4t-aaaf
Aliases:
CVE-2016-10711
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
2.8-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version