Hosting | Online Services | Security | Security News

CloudFlare Bug Potentially Exposes Private Information
by Niles Nerd

Nerds Hosting uses CloudFlare to power certain aspects of our hosting infrastructure, and thus we felt it important to share some thoughts on the CloudFlare bug that was exposed last week. Unfortunately, the bug in question is very technical in nature and hard to explain clearly and concisely. Since many clients may have read something about this on social media or in the press, we felt it important to address this issue.
At a very high level, a bug was found in the CloudFlare system that would occasionally add random, unrelated data to a website request. This random data was a leak from the memory stack on the CloudFlare servers, and could potentially have contained sensitive data from one or more of the millions of websites that use the CloudFlare systems. Due to the nature of this bug, it is impossible to predict what data would have leaked, nor is there any indication that any malicious users took advantage of this problem. This bug has since been fixed by CloudFlare.
After consideration and research, it is the belief of our team that the risk to our clients was extremely low, and we do not recommend any specific actions in relation to this incident at this time.
You can read more about this incident from CloudFlare, though please note this article may be quite technical in nature: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

Related Posts

Google Chrome urgent update – 11 security fixes

Google Chrome urgent update – 11 security fixes

    Google Chrome urgent update - 11 security fixes   On Monday September 13, 2021 Google Chrome released update 93.0.4577.82 for windows. This update fixes 11 security issues all classified as High risk. A note on the update did specify that google is...