GSA_kwCzR0hTQS1tNm04LTZncTgtYzlmas4AAzbB

Critical EPSS: 0.00575% (0.67617 Percentile) EPSS:

Permalink JSON

Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4

Affected Packages	Affected Versions	Fixed Versions
packagist:codeigniter4/framework	< 4.3.5	4.3.5
257 Dependent packages 2,160 Dependent repositories 2,945,352 Downloads total Affected Version Ranges All affected versions 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.10, 4.2.11, 4.2.12, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4 All unaffected versions 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, 4.5.6, 4.5.7, 4.5.8, 4.6.0, 4.6.1, 4.6.2

Impact

This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders.

The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally.

Patches

Upgrade to v4.3.5 or later.

Workarounds

Setting validation rules with an array.

E.g.:

$validation->setRules([
    'email' => ['required', 'valid_email, 'is_unique[users.email,id,{id}]'],
]);

References

For more information

If you have any questions or comments about this advisory:

Open an issue in codeigniter4/CodeIgniter4
Email us at SECURITY.md

References:

Identifiers

GHSA-m6m8-6gq8-c9fj

CVE-2023-32692

Risk

Severity

Critical

EPSS

EPSS Percentage: 0.00575

EPSS Percentile: 0.67617

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/codeigniter4/CodeIgniter4

Date and time

Published

about 2 years ago

Updated

over 1 year ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories