Multiple padding Oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS when configured with SSL Deep Inspection policies and with the IPS sensor enabled may allow an attacker to decipher TLS connections going through the FortiGate by monitoring the traffic (should he/she be able to).