Heartbleed is a security bug tht was discovered in April 2014 at the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be utilized regardless of whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. It output is available from improper input validation in the implementation of the TLS heartbeat extension, thus the bug's name derives from "heartbeat".
|