Mr Seggelmann, of Münster in Germany, said the bug which introduced the flaw was "unfortunately" missed by him and a reviewer when it was introduced into the open source OpenSSL encryption protocol over two years ago.
"I was working on improving OpenSSL and submitted numerous bug fixes and added new features," he said.
"In one of the new features, unfortunately, I missed validating a variable containing a length."