General Information: Retrospective: Possible Vulnerability in our TLS Termination Software
General Information: Retrospective: Possible Vulnerability in our TLS Termination Software
07 September 2023, 14:15 UTC
07 September 2023, 14:15 UTC
On Friday, the 1st of September 2023 a third party Security Researcher posted to social media that they had shared a possible vulnerability with Fastly and that we were delayed in responding to their security report.
Fastly Engineering has reviewed this report and identified minimal risk to Fastly customers, due to Fastly-specific architecture. In addition, our engineers have prepared and deployed a configuration update that has resolved any remaining possibility of an exploit.
This issue is resolved. Our investigation showed no evidence of any exploit of the vulnerability, and there are no further actions for our customers.
07 September 2023, 14:18 UTC
07 September 2023, 14:18 UTC
This incident is resolved.
For more information about this retrospective status post, please reach out to Support through https://support.fastly.com.