| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-48493 | Yii 2 Redis may expose AUTH paramters in logs in case of connection failure | yiisoft | yii2-redis | - | - | 2025-06-05 16:33:20 | Deep Dive |
| CVE-2025-2690 | yiisoft Yii2 MockClass.php generate deserialization | yiisoft | Yii2 | Medium | 6.3 | 2025-03-24 07:31:04 | Deep Dive |
| CVE-2025-2689 | yiisoft Yii2 SortableIterator.php getIterator deserialization | yiisoft | Yii2 | Medium | 6.3 | 2025-03-24 07:00:07 | Deep Dive |
| CVE-2024-4990 | Unsafe Reflection in base Component class in yiisoft/yii2 | yiisoft | yiisoft/yii2 | 高危 | - | 2025-03-20 10:11:15 | Deep Dive |
| CVE-2024-32877 | Reflected Cross-site Scripting in yiisoft/yii2 Debug mode | yiisoft | yii2 | Medium | 4.2 | 2024-05-30 19:52:58 | Deep Dive |
| CVE-2023-50714 | The Oauth2 PKCE implementation is vulnerable | yiisoft | yii2-authclient | Medium | 6.8 | 2023-12-22 18:30:03 | Deep Dive |
| CVE-2023-50708 | yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation | yiisoft | yii2-authclient | Medium | 6.1 | 2023-12-22 18:25:02 | Deep Dive |
| CVE-2021-3692 | Use of Predictable Algorithm in Random Number Generator in yiisoft/yii2 | yiisoft | yiisoft/yii2 | 中危 | - | 2021-08-10 15:36:00 | Deep Dive |
| CVE-2021-3689 | Use of Predictable Algorithm in Random Number Generator in yiisoft/yii2 | yiisoft | yiisoft/yii2 | 高危 | - | 2021-08-10 10:21:30 | Deep Dive |
| CVE-2020-15148 | Unsafe deserialization in Yii 2 | yiisoft | yii2 | High | 8.9 | 2020-09-15 18:25:12 | Deep Dive |