Hi all,
I came across this German article which identifies a potential Cloudflare security vulnerability due to Cloudflare’s cross-user trust in their own certificates. This allows other Cloudflare users who also use Cloudflare’s own certificate to establish legitimate and trusted connections to other users’ servers.
Unfortunately, I’m not good at assessing the risk myself, so how do you guys see the risk of using it with this Homeassistant addon and with Homeassistant in general? Cloudflare itself, according to this article, closed the issue by calling it “informative” and apparently hasn’t done anything since.