Safeguard
Tag

heartbleed

Safeguard articles tagged "heartbleed" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Vulnerability Analysis

Heartbleed (CVE-2014-0160) Explained: When OpenSSL Leaked Memory to Anyone

CVE-2014-0160, Heartbleed, let remote attackers read up to 64KB of an OpenSSL server's memory per request — private keys, sessions, passwords. Here is the missing bounds check that caused it.

Jul 1, 20266 min read
Vulnerability Analysis

Heartbleed OpenSSL vulnerability retrospective

A decade later, Heartbleed (CVE-2014-0160) still explains why software supply chain visibility matters: severity, timeline, and remediation steps revisited.

May 4, 20267 min read
Vulnerability Analysis

What Was the Heartbleed Bug

A deep dive into CVE-2014-0160 (Heartbleed): the OpenSSL heartbeat flaw, its severity, exploitation timeline, and how to remediate it today.

Feb 12, 20269 min read
Vulnerability Analysis

Heartbleed OpenSSL memory disclosure (CVE-2014-0160)

Heartbleed (CVE-2014-0160) let attackers silently read server memory over TLS. Here's the impact, timeline, remediation, and how to detect lingering exposure today.

Jan 19, 20268 min read
Open Source Security

OpenSSL Project Governance: Security Lessons from Heartbleed and Beyond

OpenSSL's transformation from a two-person project securing half the internet to a properly governed foundation offers a blueprint for open source security governance.

Jan 12, 20237 min read
Incident Analysis

Heartbleed at Five Years: A Practitioner Retrospective

Five years after CVE-2014-0160, Heartbleed still shapes how we think about shared cryptographic libraries, disclosure ethics, and open-source funding.

Apr 7, 20196 min read
heartbleed — Safeguard Blog