Facade Ignition
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Facade Ignition.
By the Year
In 2026 there have been 0 vulnerabilities in Facade Ignition. Ignition did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 9.80 |
| 2020 | 1 | 9.80 |
It may take a day or so for new Ignition vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Facade Ignition Security Vulnerabilities
The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature
CVE-2021-43996
9.8 - Critical
- November 17, 2021
The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control.
Ignition before 2.5.2, as used in Laravel and other products
CVE-2021-3129
9.8 - Critical
- January 12, 2021
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
The Ignition component before 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env
CVE-2020-13909
9.8 - Critical
- June 07, 2020
The Ignition component before 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env. NOTE: in the 1.x series, versions 1.16.15 and later are unaffected as a consequence of the CVE-2021-43996 fix.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Facade Ignition or by Facade? Click the Watch button to subscribe.
