Skip to main content

Yii2 Redis

1 CVEs product

Monthly

CVE-2025-48493 PHP MEDIUM PATCH This Month

The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue.

Redis Information Disclosure Yii2 Redis
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue.

Redis Information Disclosure Yii2 Redis
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy