CVE-2020-15148 – Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the a …

15 September 2020

Vuln ID: CVE-2020-15148

Published: 2020-09-15 19:15:12Z

Description: Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory.

Source: NVD.NIST.GOV

Date:

15 September 2020

Categorie(s):

NVD

Tag(s):

NVD

How APIs Help To Improve Your Customers’ Experience [5 Tips]20 April 2024
Essential Cyber Security Plan for Small Business20 April 2024
Are PayPal’s Executives Looking Towards Re-Inventing the Product’s Identity?20 April 2024
Why A One-Size-Fits-All Approach No Longer Works For Modern Banking Clients20 April 2024
What Is Zero Trust Architecture All About?20 April 2024