Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

16 advisories

Loading
Missing validation of header name and value in codeigniter4/framework Moderate
CVE-2025-24013 was published for codeigniter4/framework (Composer) Jan 21, 2025
neznaika0
CodeIgniter4 DoS Vulnerability High
CVE-2024-29904 was published for codeigniter4/framework (Composer) Mar 29, 2024
colethorsen
Cleartext Storage of Sensitive Information in HMAC SHA256 Authentication Moderate
CVE-2023-48707 was published for codeigniter4/shield (Composer) Nov 23, 2023
Insertion of Sensitive Information into Log Moderate
CVE-2023-48708 was published for codeigniter4/shield (Composer) Nov 23, 2023
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment High
CVE-2023-46240 was published for codeigniter4/framework (Composer) Oct 30, 2023
psuet
Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4 Critical
CVE-2023-32692 was published for codeigniter4/framework (Composer) May 22, 2023
Password Shucking Vulnerability Moderate
CVE-2023-27580 was published for codeigniter4/shield (Composer) Mar 13, 2023
jreklund
CodeIgniter4 Potential Session Handlers Vulnerability High
CVE-2022-46170 was published for codeigniter4/framework (Composer) Dec 22, 2022
srtnlgn
CodeIgniter4 allows spoofing of IP address when using proxy High
CVE-2022-23556 was published for codeigniter4/framework (Composer) Dec 22, 2022
Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued Low
CVE-2022-39284 was published for codeigniter4/framework (Composer) Oct 6, 2022
CodeIgniter Shield Vulnerable to SameSite Attackers Bypassing the CSRF Protection Moderate
CVE-2022-35943 was published for codeigniter4/shield (Composer) Aug 18, 2022
wert310 pedromigueladao
lavish
CodeIgniter Improper Privilege Management High
CVE-2020-10793 was published for codeigniter4/framework (Composer) May 24, 2022
Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4 Moderate
CVE-2022-24712 was published for codeigniter4/framework (Composer) Mar 1, 2022
Remote CLI Command Execution Vulnerability in CodeIgniter4 Critical
CVE-2022-24711 was published for codeigniter4/framework (Composer) Mar 1, 2022
iRedds
Cross-site Scripting Vulnerability in CodeIgniter4 Moderate
CVE-2022-21715 was published for codeigniter4/framework (Composer) Jan 27, 2022
kenjis
Deserialization of Untrusted Data in Codeigniter4 High
CVE-2022-21647 was published for codeigniter4/framework (Composer) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database