CVE-2025-2689 - Yii2 Symfony Finder Deserialization Vulnerability
CVE ID : CVE-2025-2689 Published : March 24, 2025, 7:15 a.m. | 1 hour, 59 minutes ago Description : A vulnerability, which was classified as critical, has been found in yiisoft Yii2 up to 2.0.45. Affected by this issue is the function getIterator of the file symfony\finder\Iterator\SortableIterator.php. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2689
Published : March 24, 2025, 7:15 a.m. | 1 hour, 59 minutes ago
Description : A vulnerability, which was classified as critical, has been found in yiisoft Yii2 up to 2.0.45. Affected by this issue is the function getIterator of the file symfony\finder\Iterator\SortableIterator.php. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : March 24, 2025, 7:15 a.m. | 1 hour, 59 minutes ago
Description : A vulnerability, which was classified as critical, has been found in yiisoft Yii2 up to 2.0.45. Affected by this issue is the function getIterator of the file symfony\finder\Iterator\SortableIterator.php. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
