Security Advisories - PKSA-62sq-zmbb-yyr8 - Packagist

PKSA-62sq-zmbb-yyr8 Security Advisory

[CRITICAL] class yii\web\ViewAction allowed to include arbitrary files that end with .php

PKSA-62sq-zmbb-yyr8 CVE-2015-5467 GHSA-7cfq-72w2-24q4

Affected package: yiisoft/yii2

Affected version: <2.0.5

Reported by:
GitHub, FriendsOfPHP/security-advisories