A flaw in SSL 3.0 allows an attacker to wage a man-in-the-middle attack on a user’s encrypted web. The flaw is not as bad as Heartbleed, but it’s “certainly real,” says WhiteOps chief scientist Dan Kaminsky. Google plans to remove SSL 3. Most browsers are affected by the flaw, because they still support the older version of the encryption protocol. Some websites will break as Google disables SSL 3., so those sites “will need to be updated quickly” to drop support.”]
Source: https://www.darkreading.com/attacks-breaches/-poodle-attacks-kills-off-ssl-3-0