Credit: Tavis Ormandy
Random PII on the internet. During a fuzzing project Tavis discovered a bug in one of Cloudflare’s HTML parsers, that would cause Cloudflare’s edge servers to return random memory dumps in HTTP responses. These data dumps including consumer emails, encryption keys, and other private information – information that was in turn cached by other search engines. This vulnerability affected all cloudflare customers.