CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-10-31T15:03:51.798Z
Updated: 2023-10-31T15:03:51.798Z
Reserved: 2023-10-19T20:34:00.947Z
Link: CVE-2023-46240
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-31T16:15:09.617
Modified: 2023-11-08T23:43:22.447
Link: CVE-2023-46240
JSON object: View
Redhat Information
No data.
CWE