There was a devastating security flaw in the OpenSSL implementation of the SSL / TLS protocol (CVE-2014-0160). The vulnerability occurs in what is known as the heartbeat extension to this protocol, and it specifically impacts version 1.0.1 and beta versions of 1.0.2 of OpenSSL.