yii2-authclient — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in yii2-authclient, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-50714	The Oauth2 PKCE implementation is vulnerable CWE-918	6.8	Medium	2023-12-22
CVE-2023-50708	yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation CWE-203	6.1	Medium	2023-12-22

All 2 known CVE vulnerabilities affecting yii2-authclient with full Chinese analysis, references, and POCs where available.