/alerttags/wstg-v42-cryp-01/ Recent content in WSTG-V42-CRYP-01 on ZAP Hugo en-us /docs/alerts/20015/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/20015/ <p>The TLS implementation in OpenSSL 1.0.1 before 1.0.1g does not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, potentially disclosing sensitive information.</p> /docs/alerts/10034/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10034/ <p>The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, potentially disclosing sensitive information.</p> /docs/alerts/10205-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10205-1/ <p>Performs HTTPS configuration analysis including certificate details and supported cipher suites.</p> /docs/alerts/10205-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10205-2/ <p>The HTTPS configuration has one or more security issues identified by the TLS risk assessment.</p>