The release of OWASP CRS 4.10.0 brings forth new features and detections, such as the blocking of CVE-2023-5003, prevention of access to PHP variables, and a resolution for false positives related to patterns with '=' following at arbitrary positions.
Coreruleset Release v4.10.0
What's Changed
New features and detections
- feat: block CVE-2023-5003 by @azurit in #3955
- feat: prevent accessing PHP variables by @azurit in #3965
Other Changes
Full Changelog: v4.9.0...v4.10.0