Filtered by vendor Yiiframework
Subscriptions
Filtered by product Yii2-redis
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48493 | 1 Yiiframework | 1 Yii2-redis | 2025-09-18 | 6.5 Medium |
| The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue. | ||||
Page 1 of 1.