codeigniter4 — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting codeigniter4. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by codeigniter4:CodeIgniter4 shield

CVE ID	Title	CVSS	Severity	Published
CVE-2025-54418	CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability — CodeIgniter4CWE-78	9.8	Critical	2025-07-28
CVE-2025-24013	CodeIgniter validation of header name and value — CodeIgniter4CWE-436	5.3	Medium	2025-01-20
CVE-2024-29904	CodeIgniter4 Language class DoS Vulnerability — CodeIgniter4CWE-835	7.5	High	2024-03-29
CVE-2023-48707	Cleartext Storage of Sensitive Information in codeigniter4/shield — shieldCWE-312	5.0	Medium	2023-11-24
CVE-2023-48708	Insertion of Sensitive Information into Log in codeigniter4/shield — shieldCWE-532	5.0	Medium	2023-11-24
CVE-2023-46240	CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment — CodeIgniter4CWE-209	7.5	High	2023-10-31
CVE-2023-32692	Remote Code Execution Vulnerability in Validation Placeholders — CodeIgniter4CWE-94	9.8	Critical	2023-05-30
CVE-2023-27580	CodeIgniter Shield Password Shucking Vulnerability — shieldCWE-916	7.5	High	2023-03-13
CVE-2022-46170	CodeIgniter is vulnerable to improper authentication via Session Handlers — CodeIgniter4CWE-287	8.6	High	2022-12-22
CVE-2022-23556	CodeIgniter is vulnerable to IP address spoofing when using proxy — CodeIgniter4CWE-345	7.0	High	2022-12-22
CVE-2022-39284	Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued in Codeigniter4 — CodeIgniter4CWE-665	2.6	Low	2022-10-06
CVE-2022-35943	SameSite may allow cross-site request forgery (CSRF) protection to be bypassed — shieldCWE-352	5.9	Medium	2022-08-12
CVE-2022-24712	Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4 — CodeIgniter4CWE-352	6.3	Medium	2022-02-28
CVE-2022-24711	Remote CLI Command Execution Vulnerability in CodeIgniter4 — CodeIgniter4CWE-20	9.4	Critical	2022-02-28
CVE-2022-21715	Cross-site Scripting Vulnerability in CodeIgniter4 — CodeIgniter4CWE-79	5.4	Medium	2022-01-24
CVE-2022-21647	Deserialization of Untrusted Data in Codeigniter4 — CodeIgniter4CWE-502	7.7	High	2022-01-04

This page lists every published CVE security advisory associated with codeigniter4. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

codeigniter4 — Vulnerabilities & Security Advisories 16