Vulnerabilities > Yiiframework > YII > 2.0.39.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-24 | CVE-2025-2689 | Deserialization of Untrusted Data vulnerability in Yiiframework YII A vulnerability, which was classified as critical, has been found in yiisoft Yii2 up to 2.0.45. | 9.8 |
| 2023-04-04 | CVE-2023-26750 | SQL Injection vulnerability in Yiiframework YII SQL injection vulnerability found in Yii Framework Yii 2 Framework before v.2.0.47 allows the a remote attacker to execute arbitrary code via the runAction function. | 9.8 |
| 2021-08-10 | CVE-2021-3692 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 5.3 |
| 2021-08-10 | CVE-2021-3689 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 7.5 |