VYPR

Coraza

by Coredns

Source repositories

CVEs (2)

  • CVE-2025-29914MedMar 20, 2025
    risk 0.28cvss 5.4epss 0.00

    OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on an URI starting with //, coraza will set a wrong value in REQUEST_FILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza: ,…

  • CVE-2023-40586Aug 25, 2023
    risk 0.00cvss epss 0.01

    OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of `log.Fatalf`, the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious…