Heartbleed vulnerability exists in TLS implementation in OpenSSL, from heartbleed.com:
Why it is called the Heartbleed Bug?
Bug is in the OpenSSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.
Copssh doesn't use TLS and is not vulnerable to a Heartbleed attack.