Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.8 views

The vulnerability of the yiisoft/yii2-redis framework in Yii, which allows attackers to expose protected information.

The vulnerability of the yiisoft/yii2-redis framework in Yii is related to the exposure of information through registration files. Exploiting this vulnerability allows a malicious actor to disclose protected information through the AUTH parameter...

6.6CVSS5.4AI score0.00283EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2025/06/06 5:54 a.m.96 views

Sensitive Information Disclosure

yiisoft/yii2-redis is vulnerable to Sensitive Information Disclosure. The vulnerability is due to information disclosure due to authentication credentials username and password being logged in plain text during failed connection attempts...

6.5CVSS6.2AI score0.00283EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/06/05 12:0 a.m.6 views

yii2-redis 日志信息泄露漏洞

yii2-redis is an extension to yii open source. A log information disclosure vulnerability exists in yii2-redis versions prior to 2.0.20, which stems from the explicit logging of the AUTH parameter in the logs, which could lead to credential disclosure...

6.5CVSS5.8AI score0.00283EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/14 3:31 a.m.26 views

yii2-redis Potential Remote code execution

Potential remote code execution in LUA context of the redis server via methods yii\redis\ActiveRecord::findOne and yii\redis\ActiveRecord::findAll in yiisoft/yii2-redis. Attackers could probably manipulate data on the redis server...

9.8CVSS8.1AI score0.01588EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder