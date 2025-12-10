Changelog
New updates and improvements at Cloudflare.
Subscribe to RSS
View all RSS feeds
WAF Release - 2025-12-10 - Emergency
This additional week's emergency release introduces improvements to our existing rule for React – Remote Code Execution – CVE-2025-55182 - 2, along with two new generic detections covering server-side function exposure and resource-exhaustion patterns.
Key Findings
Enhanced detection logic for React – RCE – CVE-2025-55182, added Generic – Server Function Source Code Exposure, and added Generic – Server Function Resource Exhaustion.
Impact
These updates strengthen protection against React RCE exploitation attempts and broaden coverage for common server-function abuse techniques that may expose internal logic or disrupt application availability.
|Ruleset
|Rule ID
|Legacy Rule ID
|Description
|Previous Action
|New Action
|Comments
|Cloudflare Managed Ruleset
|N/A
|React - Remote Code Execution - CVE:CVE-2025-55182 - 2
|N/A
|Block
|This is an improved detection.
|Cloudflare Free Ruleset
|N/A
|React - Remote Code Execution - CVE:CVE-2025-55182 - 2
|N/A
|Block
|This is an improved detection.
|Cloudflare Managed Ruleset
|N/A
|Generic - Server Function Source Code Exposure
|N/A
|Block
|This is a new detection.
|Cloudflare Free Ruleset
|N/A
|Generic - Server Function Source Code Exposure
|N/A
|Block
|This is a new detection.
|Cloudflare Managed Ruleset
|N/A
|Generic - Server Function Resource Exhaustion
|N/A
|Disabled
|This is a new detection.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Directory
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-