Heartbleed
Security bug in OpenSSL
Heartbleed ▸ Facts ▸ Comments ▸ News ▸ Videos
Heartbleed was a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed could be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It resulted from improper input validation in the implementation of the TLS heartbeat extension. Thus, the bug's name derived from heartbeat. The vulnerability was classified as a buffer over-read, a situation where more data can be read than should be allowed.
0 shares | ShareTweetSavePostSend |
You Might Like
No news matches foundSorry, we were unable to find any results in our database for your queryFree news archive accessDid you know? You are eligible to search our news archive with millions of news references free of charge. To do this, please sign in first at the top of the screen. • Information about free access to our news archive Search this site and the web: |