Cloudflare Outage: Update Issues Resolved | Status & Details

by Mark Thompson
written by Mark Thompson

Cloudflare Resolves Network Outage Triggered by React vulnerability Mitigation

Table of Contents

A recent update to Cloudflare’s web request firewall caused a network outage impacting a meaningful portion of the internet on Friday, December 5, the company confirmed.

Cloudflare, a critical infrastructure provider for roughly 20% of all websites, reported “service issues” beginning at 08:56 UTC. The initial alert indicated problems with the Cloudflare Dashboard and related APIs, potentially causing request failures and errors for users. A fix was implemented by 09:12 UTC, and the incident was fully resolved by 09:20 UTC.

According to a company release, the disruption stemmed from a change intended to address a recently disclosed security vulnerability in react Server Components. “A change made to how Cloudflare’s Web Application Firewall parses requests caused Cloudflare’s network to be unavailable for several minutes this morning,” the company stated.”This was not an attack; the change was deployed by our team to help mitigate the industry-wide vulnerability.” React, a popular library for building user interfaces, issued a warning on Wednesday, December 3, urging users to upgrade to a patched version to address the security flaw.

Did you know? – Cloudflare protects roughly 20% of all websites, making it a crucial part of the internet’s infrastructure. Outages can have widespread consequences.

widespread Impact Across Key Services

The outage had a ripple effect,taking down websites for a diverse range of organizations and businesses. Reports from Bloomberg indicated that several banks, alongside Shopify, Zoom, LinkedIn, and the governments of Norway and Sweden, experienced disruptions. CNBC further reported that Coinbase, Substack, HSBC, and Deliveroo were also affected.

Outage-tracking data from Downdetector showed a peak of approximately 2,000 reports during the incident, according to Reuters. This incident follows a similar outage on November 18, which impacted high-profile services like ChatGPT, other artificial intelligence platforms, and X (formerly Twitter).

Pro tip: – regularly updating software libraries, like React, is essential for security. Patches often address vulnerabilities that could be exploited by attackers.

Cloudflare Addresses Recurring Reliability Concerns

Following the November 18 outage, Cloudflare Chief technology Officer Dane Knecht publicly acknowledged the company’s shortcomings. In a post on X, Knecht stated, “I won’t mince words: earlier today we failed our customers and the broader Internet when a problem in @Cloudflare network impacted large amounts of traffic that rely on us. The sites, businesses, and organizations that rely on Cloudflare depend on us being available and I…” He further emphasized the company’s commitment to regaining customer trust, adding, “The trust our customers place in us is what we value the most, and we are going to do what it takes to earn that back.”

These recurring incidents raise questions about the resilience of critical interne

Reader question: – How can companies balance the need for rapid security updates with the risk of introducing new disruptions to their services?

Why did it happen? The outage was triggered by a change Cloudflare made to its Web Application Firewall (WAF) to mitigate a recently disclosed security vulnerability in React Server Components.
Who was affected? Approximately 20% of all websites,including major services like Shopify,Zoom,LinkedIn,Coinbase,and government sites in Norway and Sweden,experienced disruptions.
What was the impact? Websites were unavailable or experienced errors, impacting users and businesses relying on those services. Downdetector recorded around 2,000 reports at the peak

Mark Thompson – Business Editor

Financial analyst-turned-journalist. Covers global markets, fintech, and policy. Known for plain-English explainers on complex economics.

Leave a Comment