February 26, 2017 10:51 pm
A buffer overflow bug has caused a small number of requests to Cloudflare proxies to leak data from unrelated requests, including potentially sensitive data such as passwords and other secrets. The issue, which has been named ‘Cloudbleed’, was discovered and documented by Google Project Zero vulnerability researcher Tavis Ormandy. After applying fixes and attempting to clean search engine caches Cloudflare’s John Graham-Cumming provided a detailed explanatory blog post. Despite some sensitive data being leaked Cloudflare’s Founder and CEO Matthew Prince tweeted ‘I think we largely dodged a bullet on the actual impact’.
Continue reading the full story at InfoQ.
Posted by Chris Swan
Categories: cloud, InfoQ news, security
Tags: Cloudbleed, CloudFlare, security
Mobile Site | Full Site
Get a free blog at WordPress.com Theme: WordPress Mobile Edition by Alex King.