The products below ship with a node.js server that is statically linked with a version of OpenSSL that if used for TLS communication may be vulnerable to CVE-2014-0160 (Heartbleed). We have reviewed the use of node.js within the products below and found that it is not exploitable in this context.
Products which include MongoDB
Remediation / Patching
BMC MyIT BMC SmartIT
See this support article for a detailed explanation of why the products are not vulnerable to CVE-2014-0160.