SAN FRANCISCO, Oct 11 (Bernama–BUSINESS WIRE) — Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today made public that it helped lead the disclosure of a new novel zero-day vulnerability, dubbed “HTTP/2 Rapid Reset.” This global vulnerability gives attackers the ability to generate attacks larger than anything the Internet had seen before. To help mitigate the impact of this new threat for the entire Internet ecosystem, Cloudflare developed technology purpose-built to automatically block any attack leveraging Rapid Reset for its customers.
Cloudflare successfully mitigated these issues and halted potential abuse for all customers, while simultaneously kicking off a responsible disclosure process with two other major infrastructure providers, to extend mitigations for this vulnerability to a large percentage of the Internet prior to disclosing its existence to the general public.