[CRITICAL] CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability

PKSA-7ybs-j1bv-y5mc CVE-2025-54418 GHSA-9952-gv64-x94c

Affected version: <4.6.2

Reported by:
GitHub

[MEDIUM] Missing validation of header name and value in codeigniter4/framework

PKSA-qbjf-dc24-wrff CVE-2025-24013 GHSA-x5mq-jjr3-vmx6

Affected version: <4.5.8

Reported by:
GitHub

[HIGH] CodeIgniter4 DoS Vulnerability

PKSA-j54j-8c7k-rccq CVE-2024-29904 GHSA-39fp-mqmm-gxj6

Affected version: <4.4.7

Reported by:
GitHub

[HIGH] CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment

PKSA-mscv-ktn8-2rsz CVE-2023-46240 GHSA-hwxf-qxj7-7rfj

Affected version: <=4.4.2

Reported by:
GitHub