yiisoft/yii2-redis Security Advisories for 2.0.1 (2)
-
[MEDIUM] Yii 2 Redis may expose AUTH parameters in logs in case of connection failure
PKSA-tv9g-g554-cxh4 CVE-2025-48493 GHSA-g3p6-82vc-43jh
Affected version: <2.0.20
Reported by:
GitHub -
[CRITICAL] Potential remote code execution in LUA context of the redis server via methods `yii\redis\ActiveRecord::findOne()` and `::findAll()`
PKSA-ntr8-ytbs-scvs CVE-2018-8073 GHSA-4hx3-m8w5-g5qh
Affected version: <2.0.8
Reported by:
GitHub, FriendsOfPHP/security-advisories