yiisoft Summary
Latest vulnerabilities published by yiisoft
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Reflected XSS Vulnerability in Yii PHP Framework by Yii Software
CVE-2025-32027YiisoftYii6.1MEDIUMDeserialization Issue in Yii Framework by Yii Software LLC
CVE-2025-2690YiisoftYii2πΎπ‘5.3MEDIUMDeserialization Vulnerability in Yii2 by Yii Software LLC
CVE-2025-2689YiisoftYii2πΎπ‘5.3MEDIUMVulnerability in Yii Framework Affects Behavior Class Validation
CVE-2024-4990YiisoftYiisoft/yii29.1CRITICALCross-site Scripting (XSS) Vulnerability in Yii 2 Affects Latest Version 2.0.49.3
CVE-2024-32877YiisoftYii24.2MEDIUMyii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation
CVE-2023-50708yiisoftyii2-authclient6.1MEDIUMThe Oauth2 PKCE implementation is vulnerable
CVE-2023-50714YiisoftYii2-authclient6.8MEDIUMUnsafe deserialization of user data in yiisoft/yii
CVE-2023-47130YiisoftYii8.1HIGHyiisoft/yii before v1.1.27 vulnerable to Remote Code Execution if the application calls `unserialize()` on arbitrary user input
CVE-2022-41922YiisoftYii8.1HIGHUse of Predictable Algorithm in Random Number Generator in yiisoft/yii2
CVE-2021-3692YiisoftYiisoft/yii28.1HIGHUse of Predictable Algorithm in Random Number Generator in yiisoft/yii2
CVE-2021-3689YiisoftYiisoft/yii28.1HIGHUnsafe deserialization in Yii 2
CVE-2020-15148YiisoftYii2πΎπ‘EPSS 91%8.9HIGH
10 April 2025
24 March 2025
20 March 2025
30 May 2024
22 December 2023
14 November 2023
23 November 2022
10 August 2021
15 September 2020
No more vulnerabilities to load.