Описание
CodeIgniter4 DoS Vulnerability
Impact
A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server.
Patches
Upgrade to v4.4.7 or later. See upgrading guide.
Workarounds
- Disabling Auto Routing prevents a known attack vector in the framework.
- Do not pass invalid values to the
lang()function orLanguageclass.
References
Пакеты
Наименование
codeigniter4/framework
composer
Затронутые версииВерсия исправления
< 4.4.7
4.4.7
Связанные уязвимости
CVSS3: 7.5
nvd
почти 2 года назад
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
CVSS3: 7.5
debian
почти 2 года назад
CodeIgniter is a PHP full-stack web framework A vulnerability was foun ...