Vulnerabilities > Yiiframework > YII > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2021-3689 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 7.5 |
| 2018-03-21 | CVE-2018-8074 | Code Injection vulnerability in Yiiframework YII Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension. | 8.1 |