CVE-2014-0160

OpenSSL Information Disclosure Vulnerability

The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information. Vendor/Product: OpenSSL OpenSSL. Added to CISA KEV 2022-05-04; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2014-0160