All 4 CVE vulnerabilities found in yii, with AI-generated Chinese analysis, references, and POCs.
Vendor: yiisoft
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-32027 | Yii does not prevent XSS in scenarios where fallback error renderer is used CWE-79 | 6.1 | Medium | 2025-04-10 |
| CVE-2024-58136 | Yii 安全漏洞 CWE-424 | 9.0 | Critical | 2025-04-10 |
| CVE-2023-47130 | Unsafe deserialization of user data in yiisoft/yii CWE-502 | 8.1 | High | 2023-11-14 |
| CVE-2022-41922 | yiisoft/yii before v1.1.27 vulnerable to Remote Code Execution if the application calls `unserialize()` on arbitrary user input CWE-502 | 8.1 | High | 2022-11-23 |
All 4 known CVE vulnerabilities affecting yii with full Chinese analysis, references, and POCs where available.