Browse all 13 CVE security advisories affecting Yifan. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Yifan is a web application framework primarily used for building content management systems and e-commerce platforms. Historically, it has been susceptible to multiple vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with 13 CVEs documented. The framework's modular architecture introduces potential risks through third-party extensions. Notable security characteristics include its extensive use of dynamic rendering and client-side processing, which have contributed to XSS vulnerabilities. While no major public security incidents have been widely reported, the consistent discovery of flaws in input validation and access control mechanisms suggests ongoing security challenges for developers implementing Yifan-based solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-32645 | Yifan YF325 安全漏洞 — YF325CWE-489 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-35056 | Yifan YF325 安全漏洞 — YF325CWE-121 | 8.8 | High | 2023-10-11 |
| CVE-2023-35055 | Yifan YF325 安全漏洞 — YF325CWE-121 | 8.8 | High | 2023-10-11 |
| CVE-2023-34365 | YF325 缓冲区错误漏洞 — YF325CWE-121 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-24479 | Yifan YF325 授权问题漏洞 — YF325CWE-284 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-34426 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-121 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-34346 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-489 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-31272 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-121 | 8.8 | High | 2023-10-11 |
| CVE-2023-35966 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-190 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-32632 | Yifan YF325 命令注入漏洞 — YF325CWE-284 | 8.8 | High | 2023-10-11 |
| CVE-2023-35968 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-190 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-35967 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-190 | 9.8 | Critical | 2023-10-11 |
| CVE-2023-35965 | Yifan YF325 缓冲区错误漏洞 — YF325CWE-190 | 9.8 | Critical | 2023-10-11 |
This page lists every published CVE security advisory associated with Yifan. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.