Cloudflare security bug

Share

By now you would have read or heard about the security bug that impacted Cloudflare. Cloudflare is a CDN that is used by a lot of companies to better serve static content and also to handle DDOS and other features to better protect their website. We highly recommend you to read up the article published by Cloudflare.

Incident report on memory leak caused by Cloudflare parser bug

Long story short, we at Intentwise depend on a few third party products which use Cloudflare and also internally for our website we use Cloudflare and we have been assured by them that none of our data has been compromised. Here is an email excerpt received from Cloudflare

In our review of these third party caches, we discovered data that had been exposed from approximately 150 of Cloudflare’s customers across our Free, Pro, Business, and Enterprise plans. We have reached out to these customers directly to provide them with a copy of the data that was exposed, help them understand its impact, and help them mitigate that impact.

Fortunately, your domain is not one of the domains where we have discovered exposed data in any third party caches. The bug has been patched so it is no longer leaking data.

We at Intentwise take security very seriously and have been constantly on the lookout to better protect our and our client’s data.

Our third party products have taken extra precaution and have decided to invalidate all user sessions. This will require all users to re-authenticate and login to the app again. We apologize in advance for this inconvenience.

Read our post “Hibernate Envers and Spring Boot with Multiple Data Sources” for the high-level steps to configure Envers with Spring boot using Custom Revision Entity.

Recommendations

Subscribe to our Newsletter​

Learn about product updates, webinars, and news for ecommerce professionals.