CVSS 3.1 Score 7.5 of 10 (high)


Published Apr 7, 2014
Updated: Nov 7, 2023
CWE ID 125


CVE-2014-0160, also known as Heartbleed, is a high-severity vulnerability that affects the TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g. This vulnerability allows remote attackers to obtain sensitive information from process memory by sending crafted packets that trigger a buffer over-read. The affected products include various versions of OpenSSL, and remediation involves upgrading to version 1.0.1g or applying a patch provided by the vendor. Heartbleed poses a significant danger to organizations as it can expose private keys and other sensitive data, potentially leading to unauthorized access and data breaches.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2014-0160 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options