Critical severity9.8NVD Advisory· Published Mar 21, 2018· Updated Jun 17, 2026
CVE-2018-8073
CVE-2018-8073
Description
Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA code via a variant of the CVE-2018-7269 attack in conjunction with the Redis extension.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
yiisoft/yii2-redisPackagist | < 2.0.8 | 2.0.8 |
Affected products
1Patches
Vulnerability mechanics
References
6- www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixes/nvdVendor Advisory
- github.com/advisories/GHSA-4hx3-m8w5-g5qhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-8073ghsaADVISORY
- www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixesghsaWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/yiisoft/yii2-redis/CVE-2018-8073.yamlghsaWEB
- www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixesghsaWEB
News mentions
0No linked articles in our index yet.