The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: a subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.

An information disclosure flaw was found in the way OpenSSL handled TLS and
DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server
could send a specially crafted TLS or DTLS Heartbeat packet to disclose a
limited portion of memory per request from a connected client or server.
Note that the disclosed portions of memory could potentially include
sensitive information such as private keys. (CVE-2014-0160)

Red Hat would like to thank the OpenSSL project for reporting this issue.
Upstream acknowledges Neel Mehta of Google Security as the original
reporter.

Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package, which corrects this issue.

OSVersionArchitecturePackageVersionFilename
RedHat6srcrhev-hypervisor6< 6.5-20140407.0.el6evrhev-hypervisor6-6.5-20140407.0.el6ev.src.rpm
RedHat6noarchrhev-hypervisor6< 6.5-20140407.0.el6evrhev-hypervisor6-6.5-20140407.0.el6ev.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	src	rhev-hypervisor6	< 6.5-20140407.0.el6ev	rhev-hypervisor6-6.5-20140407.0.el6ev.src.rpm
RedHat	6	noarch	rhev-hypervisor6	< 6.5-20140407.0.el6ev	rhev-hypervisor6-6.5-20140407.0.el6ev.noarch.rpm

kitploit 3

securityvulns 32

nessus 52

centos 1

redhat 3

threatpost 3

openvas 16

debiancve 1

cert 1

cisco 2

seebug 17

packetstorm 7

zdt 4

qt 1

ibm 7

myhack58 1

oraclelinux 1

hackerone 5

vulnerlab 1

veracode 2

f5 1

atlassian 1

thn 5

malwarebytes 1

debian 4

freebsd 1

ics 6

intel 1

hp 2

osv 1

prion 1

openssl 1

symantec 1

exploitpack 3

cloudfoundry 1

checkpoint_advisories 1

mageia 1

cisa_kev 1

cvelist 1

huawei 1

cve 1

arista 1

ubuntucve 1

fortinet 1

kitploit

Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

2015-10-01 09:47:00

sslscan - tests SSL/TLS enabled services to discover supported cipher suites

2016-12-26 14:30:00

Collection of Heartbleed Tools (OpenSSL CVE-2014-0160)

2014-04-10 00:55:00

securityvulns

[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information

2014-04-20 00:00:00

[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information

2014-05-01 00:00:00

[security bulletin] HPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer Software running OpenSSL, Remote Disclosure of Information

2014-05-02 00:00:00

nessus

HP LoadRunner 11.52.x < 11.52 Patch 2 / 12.00.x < 12.00 Patch 1 Heartbeat Information Disclosure (Heartbleed)

2014-08-07 00:00:00

Juniper Junos OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)

2014-04-18 00:00:00

McAfee Next Generation Firewall OpenSSL Information Disclosure (SB10071) (Heartbleed)

2014-05-02 00:00:00

centos

openssl security update

2014-04-08 02:54:58

redhat

(RHSA-2014:0376) Important: openssl security update

2014-04-08 00:00:00

(RHSA-2014:0396) Important: rhev-hypervisor6 security update

2014-04-10 00:00:00

(RHSA-2014:0377) Important: openssl security update

2014-04-08 00:00:00

threatpost

Tor Blacklisting Exit Nodes Vulnerable to Heartbleed Bug

2014-04-17 11:40:41

April 2014 Oracle Critical Patch Update

2014-04-16 12:32:06

Oracle Gives Heartbleed Update, Patches 14 Products

2014-04-21 13:55:42

openvas

OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability (STARTTLS Check)

2014-04-09 00:00:00

Debian: Security Advisory (DSA-2896-1)

2014-04-06 00:00:00

Mageia: Security Advisory (MGASA-2014-0256)

2022-01-28 00:00:00

debiancve

CVE-2014-0160

2014-04-07 22:55:03

cert

OpenSSL TLS heartbeat extension read overflow discloses sensitive information

2014-04-08 00:00:00

cisco

OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products

2014-04-09 03:00:00

OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability

2014-04-08 14:39:29

seebug

McAfee Email Gateway OpenSSL TLS心跳信息泄漏漏洞

2014-04-16 00:00:00

LibreOffice OpenSSL TLS心跳信息泄漏漏洞

2014-04-16 00:00:00

HP多个产品OpenSSL TLS/DTLS心跳信息泄漏漏洞

2014-04-16 00:00:00

packetstorm

Heartbleed User Session Extraction

2014-04-09 00:00:00

Streamworks Job Scheduler Release 7 Authentication Weakness

2019-01-16 00:00:00

Heartbleed OpenSSL Information Leak Proof Of Concept

2014-04-24 00:00:00

zdt

Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

2014-04-24 00:00:00

OpenSSL TLS Heartbeat Extension - Memory Disclosure

2014-04-08 00:00:00

OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)

2014-04-09 00:00:00

Heartbleed Bug (CVE-2014-0160) and Qt

2014-04-10 00:00:00

ibm

Security Bulletin: Some versions of IBM Security Access Manager for Web are affected by the Heartbleed vulnerability (CVE-2014-0160)

2018-06-16 21:17:17

Security Bulletin: IBM XIV is affected by a vulnerability in OpenSSL (CVE-2014-0160)

2018-06-18 00:07:48

Security Bulletin: SmartCloud Provisioning is affected by a vulnerability in OpenSSL (CVE-2014-0160)

2018-06-17 22:30:10

myhack58

Than imagined more terror! OpenSSL“effort”vulnerability in-depth analysis-vulnerability warning-the black bar safety net

2014-04-10 00:00:00

oraclelinux

openssl security update

2014-04-07 00:00:00

hackerone

Concrete CMS: https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)

2014-04-08 11:01:31

Internet Bug Bounty: TLS heartbeat read overrun

2014-04-05 23:51:06

Mail.ru: scfbp.tng.mail.ru: Heartbleed

2015-02-25 07:49:11

vulnerlab

HeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu

2014-04-09 00:00:00

veracode

Information Disclosure Through Buffer Over-read

2019-01-15 09:00:11

Information Disclosure Through Buffer Over-read

2017-02-07 02:53:18

SOL15159 - OpenSSL vulnerability CVE-2014-0160

2014-04-08 00:00:00

atlassian

Update Tomcat Native DLL in JIRA Installer

2014-06-26 19:39:26

thn

How Heartbleed Bug Exposes Your Passwords to Hackers

2014-04-10 07:00:00

NSA denies Report that Agency knew and exploited Heartbleed Vulnerability

2014-04-11 23:21:00

Billions of Smartphone Users affected by Heartbleed Vulnerability

2014-04-13 08:19:00

malwarebytes

Five years later, Heartbleed vulnerability still unpatched

2019-09-12 15:00:00

debian

[SECURITY] [DSA 2896-1] openssl security update

2014-04-07 21:36:46

[SECURITY] [DSA 2896-2] openssl security update

2014-04-08 13:47:13

[SECURITY] [DSA 2896-2] openssl security update

2014-04-08 13:47:13

freebsd

OpenSSL -- Remote Information Disclosure

2014-04-07 00:00:00

ics

Digi International OpenSSL Vulnerability

2018-09-06 12:00:00

Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)

2018-09-06 12:00:00

OpenSSL Vulnerability

2018-08-27 12:00:00

intel

Multiple Intel Software Products and API Services impacted by CVE-2014-0160

2014-04-30 00:00:00

HPSBPI03031 rev.3 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information

2014-04-30 00:00:00

HPSBPI03014 rev.2 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information

2014-04-22 00:00:00

osv

openssl - security update

2014-04-07 00:00:00

prion

Buffer overflow

2014-04-07 22:55:00

openssl

Vulnerability in OpenSSL CVE-2014-0160

2014-04-07 00:00:00

symantec

Symantec Messaging Gateway 10.6.x ACE Library Static Link to Vulnerable SSL Version

2016-05-12 08:00:00

exploitpack

OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure

2014-04-08 00:00:00

OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak (1)

2014-04-10 00:00:00

OpenSSL 1.0.1f TLS Heartbeat Extension - Heartbleed Memory Disclosure (Multiple SSLTLS Versions)

2014-04-09 00:00:00

cloudfoundry

CVE-2014-0160 Heartbleed | Cloud Foundry

2014-04-10 00:00:00

checkpoint_advisories

OpenSSL TLS Heartbeat information disclosure - Ver2 (CVE-2014-0160)

2014-12-28 00:00:00

mageia

Updated tor packages fix multiple vulnerabilities

2014-06-06 18:33:56

cisa_kev

OpenSSL Information Disclosure Vulnerability

2022-05-04 00:00:00

cvelist

CVE-2014-0160

2014-04-07 00:00:00

huawei

Security Advisory-OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products

2014-04-17 00:00:00

cve

CVE-2014-0160

2014-04-07 22:55:03

arista

Security Advisory 0004

2014-04-09 00:00:00

ubuntucve

CVE-2014-0160

2014-04-07 00:00:00

fortinet

Information Disclosure Vulnerability in OpenSSL (Heartbleed)

2014-04-08 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.975 High

EPSS

Percentile

100.0%

JSON

Related for RHSA-2014:0378