[HIGH] yiisoft/yii deserializing untrusted user input can lead to remote code execution

PKSA-zxnx-782b-tfrm CVE-2023-47130 GHSA-mw2w-2hj2-fg8q

Affected version: <1.1.29

Reported by:
GitHub

[HIGH] Prevent RCE when deserializing untrusted user input

PKSA-cjwh-whsw-vv25 CVE-2022-41922 GHSA-442f-wcwq-fpcf

Affected version: <1.1.27

Reported by:
GitHub