Heartbleed is a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed may be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It results from improper input validation in the implementation of the TLS heartbeat extension.[3] Thus, the bug's name derives from heartbeat.[4] The vulnerability is classified as a buffer over-read,[5] a situation where more data can be read than should be allowed.[6]
[Source: www.wikiwand.com] [ Comments ] [See why this is trending]