[CRITICAL] yiisoft/yii2 Mishandles the Attaching of Behavior Defined by a `__class` Array Key

PKSA-zmx9-v1jv-dy8s CVE-2024-58136 GHSA-ggwg-cmwp-46r5

Affected package: yiisoft/yii2

Affected version: <2.0.52

Reported by:
GitHub