This leak (a bit referred to as #cloudbleed) is extensively covered in the following posts.
- Cloudflare - Incident report on memory leak caused by Cloudflare parser bug
https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ - ARS Techinca - Serious Cloudflare bug exposed a potpourri of secret customer data
https://arstechnica.com/security/2017/02/serious-cloudflare-bug-exposed-a-potpourri-of-secret-customer-data/ - Chromium Bug Tracker - Cloudflare Reverse Proxies are Dumping Uninitialized Memory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 - Pirate (GitHub) - List of Sites possibly affected by Cloudflare's #Cloudbleed HTTPS Traffic Leak
https://github.com/pirate/sites-using-cloudflare
0 comments:
Post a Comment