Release-Apr-14-2025 (#21685)

vs-mg · RebeccaTamachiro · commit a83841b8aabb · 2025-04-21T11:07:04.000+01:00
diff --git a/src/content/docs/waf/change-log/2025-04-14.mdx b/src/content/docs/waf/change-log/2025-04-14.mdx
@@ -0,0 +1,37 @@
+---
+title: "2025-04-14"
+type: table
+pcx_content_type: release-notes
+sidebar:
+  order: 793
+tableOfContents: false
+---
+
+import { RuleID } from "~/components";
+
+<table style="width: 100%">
+	<thead>
+		<tr>
+			<th>Ruleset</th>
+			<th>Rule ID</th>
+			<th>Legacy Rule ID</th>
+			<th>Description</th>
+			<th>Previous Action</th>
+			<th>New Action</th>
+			<th>Comments</th>
+		</tr>
+	</thead>
+	<tbody>
+		<tr>
+			<td>Cloudflare Managed Ruleset</td>
+			<td>
+				<RuleID id="9209bb65527f4c088bca5ffad6b2d36c" />
+			</td>
+			<td>100739A</td>
+			<td>Next.js - Auth Bypass - CVE:CVE-2025-29927 - 2</td>
+			<td>Log</td>
+			<td>Disabled</td>
+			<td>This is a New Detection</td>
+		</tr>
+	</tbody>
+</table>
diff --git a/src/content/docs/waf/change-log/scheduled-changes.mdx b/src/content/docs/waf/change-log/scheduled-changes.mdx
@@ -25,14 +25,69 @@ import { RSSButton, RuleID } from "~/components";
 	</thead>
 	<tbody>
 		<tr>
-			<td>2025-04-01</td>
-			<td>2025-04-07</td>
+			<td>2025-04-14</td>
+			<td>2025-04-21</td>
 			<td>Log</td>
-			<td>100739A</td>
+			<td>100738</td>
 			<td>
-				<RuleID id="9209bb65527f4c088bca5ffad6b2d36c" />
+				<RuleID id="faa032d9825e4844a1188f3ba5be3327" />
 			</td>
-			<td>Next.js - Auth Bypass - CVE:CVE-2025-29927 - 2</td>
+			<td>GitLab - Auth Bypass - CVE:CVE-2023-7028</td>
+			<td>This is a New Detection</td>
+		</tr>
+		<tr>
+			<td>2025-04-14</td>
+			<td>2025-04-21</td>
+			<td>Log</td>
+			<td>100740</td>
+			<td>
+				<RuleID id="2e96b6d5cdd94f7782b90e266c9531fa" />
+			</td>
+			<td>Splunk Enterprise - Remote Code Execution - CVE:CVE-2025-20229</td>
+			<td>This is a New Detection</td>
+		</tr>
+		<tr>
+			<td>2025-04-14</td>
+			<td>2025-04-21</td>
+			<td>Log</td>
+			<td>100741</td>
+			<td>
+				<RuleID id="5c9c095bc1e5411195edb893f40bbc2b" />
+			</td>
+			<td>Oracle PeopleSoft - Remote Code Execution - CVE:CVE-2023-22047</td>
+			<td>This is a New Detection</td>
+		</tr>
+		<tr>
+			<td>2025-04-14</td>
+			<td>2025-04-21</td>
+			<td>Log</td>
+			<td>100742</td>
+			<td>
+				<RuleID id="1d7a3932296c42fd827055335462167c" />
+			</td>
+			<td>CrushFTP - Auth Bypass - CVE:CVE-2025-31161</td>
+			<td>This is a New Detection</td>
+		</tr>
+		<tr>
+			<td>2025-04-14</td>
+			<td>2025-04-21</td>
+			<td>Log</td>
+			<td>100743</td>
+			<td>
+				<RuleID id="5eb7ed601e6844828b9bdb05caa7b208" />
+			</td>
+			<td>Ivanti - Buffer Error - CVE:CVE-2025-22457</td>
+			<td>This is a New Detection</td>
+		</tr>
+		<tr>
+			<td>2025-04-14</td>
+			<td>2025-04-21</td>
+			<td>Log</td>
+			<td>100744</td>
+			<td>
+				<RuleID id="410317f1e32b41859fa3214dd52139a8" />
+			</td>
+			<td>Oracle Access Manager - Remote Code Execution - CVE:CVE-2021-35587</td>
 			<td>This is a New Detection</td>
 		</tr>
 	</tbody>
diff --git a/src/content/release-notes/waf.yaml b/src/content/release-notes/waf.yaml
@@ -5,11 +5,14 @@ productLink: "/waf/"
 productArea: Application security
 productAreaLink: /fundamentals/reference/changelog/security/
 entries:
-  - publish_date: "2025-04-02"
-    scheduled_date: "2025-04-07"
+  - publish_date: "2025-04-14"
+    scheduled_date: "2025-04-21"
     individual_page: true
     scheduled: true
     link: "/waf/change-log/scheduled-changes/"
+  - publish_date: "2025-04-14"
+    individual_page: true
+    link: "/waf/change-log/2025-04-14/"
   - publish_date: "2025-04-02"
     individual_page: true
     link: "/waf/change-log/2025-04-02/"
