Cloudbleed: How Cloudflare’s Memory Leak Exposed their Customer Sensitive Data
Cloudflare, the popular Content Delivery Network (CDN) trusted by over 5.5 million websites, has warned customers of a recent bug that releases private information to standard search engines. Due to some unusual circumstances, Cloudflare edge servers would run past the end of a buffer and disclose unauthorized data back to users if that data transversed Cloudflare. While cyber security is always in flux, the most recent bug with Cloudflare, being called Cloudbleed, is one of the worst cases of data breached over the past few years. In fact, many security experts are saying that this bug is as bad as it ever gets because companies using Cloudflare can’t prove to their customer that their private data is secure.
Acting as a proxy, Cloudflare is the middle man between an online user and the actual website that is being visited. This extra level of protection helps optimize and secure websites from malicious attacks because the Cloudflare servers contribute to making the HTTP requests and filter out suspicious activity.
However, the centralized use of Cloudflare servers opens companies to security issues if Cloudflare experiences a bug such as Cloudbleed. Before we continue to understand
Source: https://managewp.org/articles/14467/cloudbleed-how-cloudflare-s-memory-leak-exposed-their-customer-sensitive-data
source https://williechiu40.wordpress.com/2017/02/27/cloudbleed-how-cloudflares-memory-leak-exposed-their-customer-sensitive-data/