{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T05:24:01.781","vulnerabilities":[{"cve":{"id":"CVE-2023-46240","sourceIdentifier":"security-advisories@github.com","published":"2023-10-31T16:15:09.617","lastModified":"2024-11-21T08:28:08.787","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`."},{"lang":"es","value":"CodeIgniter es un framework web PHP de pila completa. Antes de CodeIgniter4 versión 4.4.3, si se producía un error o una excepción, se mostraba un informe de error detallado incluso en el entorno de producción. Como resultado, se puede filtrar información confidencial. La versión 4.4.3 contiene un parche. Como workaround, reemplace `ini_set('display_errors', '0')` con `ini_set('display_errors', 'Off')` en `app/Config/Boot/production.php`."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.3","matchCriteriaId":"04B25A7E-3363-492A-A24A-B7D0087E9DAA"}]}]}],"references":[{"url":"https://codeigniter4.github.io/userguide/general/errors.html#error-reporting","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://codeigniter4.github.io/userguide/general/errors.html#error-reporting","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}