On September 24, 2014, a vulnerability was disclosed in the bash software, which is widely used on Linux servers, including those providing CloudFlare's services. This vulnerability allows remote code execution and poses a serious risk to Internet infrastructure. As soon as it became aware of this issue, CloudFlare patched its servers and encouraged users to upgrade their systems. Additionally, the company prepared Web Application Firewall (WAF) rules to protect customers who had not yet patched their own servers.