@Jeff-Andle A list of vulnerabilities can be found here . From the list i can take that it's one MITM exploit and everything else just DOS. Also google just warns us about a possible problem, it doesn't remove nor unpublish the app. Afaik heartbleed occurs from OpenSSL version 1.0.1 to 1.0.1f until it's fix in version 1.0.1g. So version 1.0.0e shouldn't have a problem with heartbleed. Although i would like to update somehow anyway...