Heartbleed

Overview
Heartbleed is a security bug in the OpenSSL cryptography library that gained widespread attention in April 2014. OpenSSL is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. Heartbleed results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, the heartbeat being the basis for the bug's name. The vulnerability is classified as a buffer overread, a situation where software allows more data to be read than should be allowed.