choreo-waf-poc

waf-poc — Choreo CP WAF Bake-Off OpenResty Three-way WAF ev...

Adversarial SQL Injection Generation with LLM-Based Architectures

SQL injection SQLi attacks are still one of the serious attacks ranked in the Open Worldwide Application Security Project OWASP Top 10 threats. Today, with advances in Artificial Intelligence AI, especially in Large Language Models LLMs, an opportunity has been created for automating adversarial...

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4Shell Security Lab — nginx + Coraza WAF Mục đích giáo...

CVE-2023-40586

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of log.Fatalf, the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious request that triggers an...

PT-2026-2115

Name of the Vulnerable Software and Affected Versions OWASP Core Rule Set versions prior to 4.22.0 OWASP Core Rule Set versions prior to 3.3.8 Description A bug in rule 922110 affects the processing of multipart requests with multiple parts. When the first rule in a chain iterates over a collecti...

EUVD-2025-7160

Malicious code in bioql PyPI...

EUVD-2023-1768

Malicious code in bioql PyPI...

SUSE CVE-2025-29914

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...

WAF Bypass

github.com/corazawaf/coraza is vulnerable to WAF Bypass. The vulnerability is due to improper URI normalization or incorrect parsing of request URIs that start with //, allows an attacker to bypass security rules and potentially evade WAF protections, leading to an incorrect REQUESTFILENAME value...

GO-2025-3537 OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME` in github.com/corazawaf/coraza

OWASP Coraza WAF has parser confusion which leads to wrong URI in REQUESTFILENAME in github.com/corazawaf/coraza...

CVE-2025-29914

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...

OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME`

Summary URLs starting with // are not parsed properly, and the request REQUESTFILENAME variable contains a wrong value, leading to potential rules bypass. Details If a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI...

GHSA-Q9F5-625G-XM39 OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME`

Summary URLs starting with // are not parsed properly, and the request REQUESTFILENAME variable contains a wrong value, leading to potential rules bypass. Details If a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI...

CVE-2025-29914

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...

CVE-2025-29914 OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME`

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...

CVE-2025-29914 OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME`

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...

CVE-2025-29914 OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME`

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUESTFILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: , REQUESTFILENAME will be...

CVE-2025-29914

OWASP Coraza WAF (Go library, modsecurity-compatible) is affected by a parser confusion that yields a wrong REQUEST_FILENAME when the URI starts with //, enabling a potential rules bypass. The issue stems from how the parser maps // URIs to filesystem paths and is fixed in Coraza 3.3.3. Connected...

OWASP Coraza WAF 安全漏洞

OWASP Coraza WAF is a golang modsecurity-compatible web application firewall library from Coraza open source. A security vulnerability exists in OWASP Coraza WAF versions prior to 3.3.3, which stems from mishandling of URI requests that begin with //, which could lead to rule bypass...

CVE-2023-40586 go package github.com/corazawaf/coraza is vulnerable to denial of service

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of log.Fatalf, the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious request that triggers an...