Cloudflare went down

[RedViking]

Lasted about 2 hours. My site is back up again.

 

[werfie]

Yeah, all seems to be ok now.

 

[HAL 9000]

Seems to be back to 'normal' again - for now at least...

 

[Herr der Verboten]

View attachment 1868932

To find wife ****ing the gardener?

-desperate housewives

 

[Progenix Oj101]

Lasted about 2 hours. My site is back up again.

The only place I can't avoid CloudFlare is the ticketing system (FreshDesk). I saw 6 minutes of downtime?

 

[deweyzeph]

Good time to top up my Cloudflare shares on Easy Equities.

 

[HAL 9000]

Cloudflare blames today's outage on React2Shell mitigations - Bleeping Computer​

Earlier today, Cloudflare experienced a widespread outage that caused websites and online platforms worldwide to go down, returning a "500 Internal Server Error" message.

The internet infrastructure company has now blamed the incident on the rollout of emergency mitigations designed to address a critical remote code execution vulnerability in React Server Components, which is now actively exploited in attacks.

"The issue was not caused, directly or indirectly, by a cyber attack on Cloudflare’s systems or malicious activity of any kind. Instead, it was triggered by changes being made to our body parsing logic while attempting to detect and mitigate an industry-wide vulnerability disclosed this week in React Server Components," Cloudflare CTO Dane Knecht noted in a post-mortem.

"A subset of customers were impacted, accounting for approximately 28% of all HTTP traffic served by Cloudflare."

Tracked as CVE-2025-55182, this maximum severity security flaw (dubbed React2Shell) affects the React open-source JavaScript library for web and native user interfaces, as well as dependent React frameworks such as Next.js, React Router, Waku, @parcel/rsc, @vitejs/plugin-rsc, and RedwoodSDK.

The vulnerability was found in the React Server Components (RSC) 'Flight' protocol, and it allows unauthenticated attackers to gain remote code execution in React and Next.js applications by sending maliciously crafted HTTP requests to React Server Function endpoints.

While multiple React packages in their default configuration (i.e., react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack) are vulnerable, the flaw only affects React versions 19.0, 19.1.0, 19.1.1, and 19.2.0 released during the past year.

Cloudflare blames today's outage on React2Shell mitigations

Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks.

www.bleepingcomputer.com

 

[SauRoNZA]

The only place I can't avoid CloudFlare is the ticketing system (FreshDesk). I saw 6 minutes of downtime?

Yup, definitely wasn’t 2 hours.

Maybe 15 max.

 

[Wut]

Yup, definitely wasn’t 2 hours.

Maybe 15 max.

Around 27 minutes from what I can tell after checking the traffic logs for one of our sites.

 

[Lawnchairman]

This is what they get for injecting ai written script directly into one of the most important pieces of Internet infrastructure on the planet.

 

[FiestaST]

 

[Jan van Riebeeckstad]

Lasted about 2 hours. My site is back up again.

Time goes by slowly when you're lonely.

The MyBB community is glad you did not hurt yourself during the dark minutes when you could not log on.

 

[AchmatK]

Time goes by slowly when you're lonely.

The MyBB community is glad you did not hurt yourself during the dark minutes when you could not log on.

Thank you for concern

 

[Fulcrum29]

https://twitter.com/x/status/1998334523658878998

We're investigating an issue in which users in the United Kingdom may be unable to access Microsoft Copilot, or experience degraded functionality with some features. For more information, please see CP1193544 in the admin center.

This isn't only down in the UK.

 

[dontcryforme]

https://twitter.com/x/status/1998334523658878998

This isn't only down in the UK.

They upgraded the speech policing API to include terms like "labtards" or "labour retards" and that caused a minor issue

 

[Fulcrum29]

https://twitter.com/x/status/1998334523658878998

This isn't only down in the UK.

Alledgedly the issue is now resolved:

https://twitter.com/x/status/1998436245358158085

M$ wants to bake Copilot into everything. They should take signs like this seriously.

Also, oddly enough, whilst this service amongst others were impacted, some punted Copilot on social media. That can only be PR exercising damage control.

 

[cavedog]

The reason why 502 bad gateway errors are popping up again....

Cloudflare Status

Welcome to Cloudflare's home for real-time and historical data on system performance.

www.cloudflarestatus.com

 

[Herr der Verboten]

The reason why 502 bad gateway errors are popping up again....

Cloudflare Status

Welcome to Cloudflare's home for real-time and historical data on system performance.

www.cloudflarestatus.com

View attachment 1872331

/agshemhug

 

[_Jakes_]

 

[Herr der Verboten]

/drinks ice cold beer