WSO2 Information for VU#720951

OpenSSL TLS heartbeat extension read overflow discloses sensitive information


Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

On April 7th, a Security Advisory was issued by the OpenSSL project notifying the public of a serious vulnerability in the encryption software used by a majority of websites on the Internet.

We want you to know that our servers were not exposed and your WSO2 account is completely safe. Nevertheless, to ensure there is no additional risk, we strongly encourage you to request a new password.

If you have any questions or concerns, please email

For additional information regarding this vulnerability, please visit:

Vendor References



There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.