-
-
Notifications
You must be signed in to change notification settings - Fork 455
Pull requests: coreruleset/coreruleset
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
fix(932180): enforce boundaries for high-risk false positives entries
#4632
opened May 7, 2026 by
EsadCetiner
Member
Loading…
6 of 12 tasks
feat: add base64 decode to In this PR we introduce a new detection
921140 and detect cpanel CVE-2026-41940
release:new-detection
#4628
opened May 3, 2026 by
EsadCetiner
Member
•
Draft
3 of 12 tasks
test: add containerized default go-ftw tests to docker compose file
#4627
opened May 1, 2026 by
studersi
Contributor
Loading…
6 of 12 tasks
fix(932): add backslash-prefix evasion to shell command detection
#4599
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(932130): detect ANSI-C quoting hex-encoded commands
#4598
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(942190,942230): detect SQLite == and GLOB, PostgreSQL ARRAY @>
#4597
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(932270): require boundary before tilde expansion patterns
#4596
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(932330): require non-alphanumeric prefix for bash negation pattern
#4595
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(932): require arguments for base64, lastlog, lastlogin
#4593
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(932): remove w from Unix no-arguments command list
#4592
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(932): remove brace from Unix shell evasion prefix
#4591
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(943110): remove generic session-id and session_id from PL1
#4590
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
fix(942550): restrict first SQLite/PostgreSQL branch to single-quote and backtick
#4589
opened Mar 30, 2026 by
zoutjebot
Contributor
Loading…
feat(921300): Query delimiter confusion
#4571
opened Mar 26, 2026 by
touchweb-vincent
Contributor
Loading…
2 of 11 tasks
refactor: create 941170
.ra file
🧙 regex-assembly
release:refactor
#4493
opened Mar 1, 2026 by
fzipi
Member
Loading…
fix(921422): reduce false positive
#4433
opened Jan 28, 2026 by
touchweb-vincent
Contributor
Loading…
2 of 11 tasks
feat(942500): stronger hardening to improve PL1 protection
#4328
opened Nov 9, 2025 by
touchweb-vincent
Contributor
Loading…
fix(942360): avoid c-type comment evasion
#4325
opened Nov 7, 2025 by
touchweb-vincent
Contributor
Loading…
feat: add rule 920442 on PL3 to detect more file extensions
#4324
opened Nov 7, 2025 by
touchweb-vincent
Contributor
Loading…
feat: add rule 920550 on PL2 to detect more file extensions
#4323
opened Nov 7, 2025 by
touchweb-vincent
Contributor
Loading…
chore: improves quant output with run details
release:ignore
Ignore for changelog release
#4318
opened Nov 3, 2025 by
M4tteoP
Member
Loading…
fix(931130): Isolating 2-chars sequence with high risk of false positive on high entropy input
⚠️ do not merge
Additional work or discussion is needed despite passing tests
#4304
opened Oct 22, 2025 by
touchweb-vincent
Contributor
Loading…
feat: add 921500 - Nonstandard urlencode characters in path
#4302
opened Oct 22, 2025 by
touchweb-vincent
Contributor
Loading…
3 of 11 tasks
Previous Next
ProTip!
no:milestone will show everything without a milestone.