-
-
Notifications
You must be signed in to change notification settings - Fork 405
Insights: coreruleset/coreruleset
Overview
Could not load contribution data
Please try again later
1 Release published by 1 person
-
v4.16.0
published
Jun 29, 2025
25 Pull requests merged by 5 people
-
chore(deps): update owasp/modsecurity-crs:nginx docker digest to 6dd9a8a in tests/docker-compose.yml
#4181 merged
Jul 7, 2025 -
fix(950150): commit bad version
#4183 merged
Jul 7, 2025 -
feat: added detection for ASP.NET errors
#4092 merged
Jul 5, 2025 -
feat: Update java-classes.data
#4173 merged
Jul 4, 2025 -
fix: use word bondary on 952110 to avoid matching non-java errors
#4177 merged
Jul 2, 2025 -
chore: post-release v4.17.0-dev
#4176 merged
Jun 29, 2025 -
fix(951xxx): remove dot star
#4171 merged
Jun 29, 2025 -
chore: release v4.16.0
#4175 merged
Jun 29, 2025 -
feat: added zmodload and sudo-rs
#4143 merged
Jun 29, 2025 -
feat: added MongoDB operators
#4162 merged
Jun 27, 2025 -
feat: added rule to detect Bash Brace Expansion
#3780 merged
Jun 26, 2025 -
fix(933160): remove dot star
#4167 merged
Jun 26, 2025 -
refactor(942340): move to regex assembly
#4014 merged
Jun 24, 2025 -
feat: update
java-errors.data#4113 merged
Jun 24, 2025 -
fix(942340): remove dot star
#4164 merged
Jun 24, 2025 -
fix: create a stricter sibling to 932370 and move
atto PL-2 (932370 PL-1, 932371 PL-2)#4015 merged
Jun 23, 2025 -
feat: detect generic config filenames
#4102 merged
Jun 21, 2025 -
fix(933150): moving printf to 933160 for additional php syntax check (933150 PL-1, 933160 PL-1)
#3840 merged
Jun 21, 2025 -
fix(955xxx): remove dot star
#4169 merged
Jun 20, 2025 -
fix(932370): remove dot star
#4166 merged
Jun 20, 2025 -
fix(934140): remove dot star
#4165 merged
Jun 20, 2025 -
fix: update rule 942560
#4161 merged
Jun 16, 2025 -
chore(deps): update owasp/modsecurity-crs:nginx docker digest to daaa967 in tests/docker-compose.yml
#4159 merged
Jun 9, 2025
6 Pull requests opened by 5 people
-
fix(932205): remove dot star
#4168 opened
Jun 20, 2025 -
fix(942550): remove dot star
#4178 opened
Jul 4, 2025 -
refactor: Suggestion to increase paranoia of 942430
#4179 opened
Jul 4, 2025 -
ci: add pre-commit crs-toolchain run
#4182 opened
Jul 7, 2025 -
[pre-commit.ci] pre-commit autoupdate
#4185 opened
Jul 7, 2025 -
feat: add file which contains rule id's without tests
#4186 opened
Jul 7, 2025
7 Issues closed by 5 people
-
Monthly Chat Agenda June 2025-06-02
#4153 closed
Jul 7, 2025 -
Dependency Dashboard
#3996 closed
Jul 7, 2025 -
Block access to ClassLoader
#4172 closed
Jul 4, 2025 -
update `java-errors.data`
#4073 closed
Jun 24, 2025 -
Rule 932370 has false positive for "At" after newline
#3953 closed
Jun 23, 2025 -
Rule 933150 Has False Positive for URLs
#3641 closed
Jun 21, 2025 -
Bulk deleting user accounts in WordPress results in 404 - triggered by 921180
#4154 closed
Jun 11, 2025
4 Issues opened by 3 people
-
Monthly Chat Agenda July 2025 (2025-07-07)
#4184 opened
Jul 7, 2025 -
Add pre-commit to execute crs-toolchain to fix when regexes are changed
#4174 opened
Jun 27, 2025 -
false positive 921110 when sending large Attachments via iPhone client
#4170 opened
Jun 20, 2025 -
Add to 2 rules severity: CRITIC and output of additional alarm data
#4160 opened
Jun 10, 2025
19 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
feat: added detection for RCE via Referer header
#3993 commented on
Jul 7, 2025 • 15 new comments -
feat: added detection for ruby errors and code leakage
#4089 commented on
Jul 7, 2025 • 10 new comments -
fix(932130): use lazy regex
#3730 commented on
Jun 26, 2025 • 3 new comments -
chore: update restricted-upload-data with crs-toolchain
#4117 commented on
Jul 7, 2025 • 1 new comment -
fix(942550): cleanup regex
#3767 commented on
Jul 7, 2025 • 1 new comment -
feat(942480): move to regex assembly
#4032 commented on
Jul 3, 2025 • 0 new comments -
fix(test): move xss test from 942180 to 941330
#4012 commented on
Jun 12, 2025 • 0 new comments -
fix(942390): move to regex-assembly
#4011 commented on
Jun 16, 2025 • 0 new comments -
feat: Add product name tags
#3960 commented on
Jun 30, 2025 • 0 new comments -
chore: add quant as comment
#3925 commented on
Jun 22, 2025 • 0 new comments -
chore: find rules without test
#3881 commented on
Jun 27, 2025 • 0 new comments -
feat: added detection for quote evasion
#3813 commented on
Jun 15, 2025 • 0 new comments -
fix(security): resolve SQL injection protection bypass (942380 PL2)
#3720 commented on
Jun 13, 2025 • 0 new comments -
update file `java-errors.data`
#2653 commented on
Jul 7, 2025 • 0 new comments -
False positive with rule 942440 and Punycode domain name conversion (IDNA encoding)
#3335 commented on
Jul 3, 2025 • 0 new comments -
GraphQL - problem with the exception definition
#2788 commented on
Jul 3, 2025 • 0 new comments -
Detect RCE in fragments of URLs in Referer header (932205)
#3498 commented on
Jun 28, 2025 • 0 new comments -
Add a stricter sibling to 954100
#4119 commented on
Jun 19, 2025 • 0 new comments -
Paranoia Level 1 does not catch sqlite expression (double ==)
#4121 commented on
Jun 11, 2025 • 0 new comments