yiisoft Summary
Latest vulnerabilities published by yiisoft
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Plain Text Exposure in Yii 2 Redis Extension Affects Key-Value Store Security
CVE-2025-48493YiisoftYii2-redis5.1MEDIUMReflected XSS Vulnerability in Yii PHP Framework by Yii Software
CVE-2025-32027YiisoftYii6.1MEDIUMDeserialization Issue in Yii Framework by Yii Software LLC
CVE-2025-2690YiisoftYii2πΎπ‘5.3MEDIUMDeserialization Vulnerability in Yii2 by Yii Software LLC
CVE-2025-2689YiisoftYii2πΎπ‘5.3MEDIUMVulnerability in Yii Framework Affects Behavior Class Validation
CVE-2024-4990YiisoftYiisoft/yii29.1CRITICALCross-site Scripting (XSS) Vulnerability in Yii 2 Affects Latest Version 2.0.49.3
CVE-2024-32877YiisoftYii24.2MEDIUMyii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation
CVE-2023-50708yiisoftyii2-authclient6.1MEDIUMThe Oauth2 PKCE implementation is vulnerable
CVE-2023-50714YiisoftYii2-authclient6.8MEDIUMUnsafe deserialization of user data in yiisoft/yii
CVE-2023-47130YiisoftYii8.1HIGHyiisoft/yii before v1.1.27 vulnerable to Remote Code Execution if the application calls `unserialize()` on arbitrary user input
CVE-2022-41922YiisoftYii8.1HIGHUse of Predictable Algorithm in Random Number Generator in yiisoft/yii2
CVE-2021-3692YiisoftYiisoft/yii28.1HIGHUse of Predictable Algorithm in Random Number Generator in yiisoft/yii2
CVE-2021-3689YiisoftYiisoft/yii28.1HIGHUnsafe deserialization in Yii 2
CVE-2020-15148YiisoftYii2πΎπ‘EPSS 93%8.9HIGH