{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55151?format=json","vulnerability_id":"VCID-nnt3-u39w-yqa9","summary":"Unsafe Reflection in base Component class in yiisoft/yii2\nYii2 supports attaching Behaviors to Components by setting properties having the format `'as <behaviour-name>'`.\n\nInternally this is done using the `__set()` magic method. If the value passed to this method is not an instance of the `Behavior` class, a new object is instantiated using `Yii::createObject($value)`. However, there is no validation check that verifies that `$value` is a valid `Behavior` class name or configuration. An attacker that can control the content of the $value variable can then instantiate arbitrary classes, passing parameters to their constructors and then invoking setter methods.","aliases":[{"alias":"CVE-2024-4990"},{"alias":"GHSA-cjcc-p67m-7qxm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81701?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.50","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.50"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/201119?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.0-alpha","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.0-alpha"},{"url":"http://public2.vulnerablecode.io/api/packages/201120?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.0-beta","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.0-beta"},{"url":"http://public2.vulnerablecode.io/api/packages/201121?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.0-rc","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.0-rc"},{"url":"http://public2.vulnerablecode.io/api/packages/201122?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/201123?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/201124?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/201125?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-hhby-y7fg-tqax"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/52276?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-uybn-p34d-pbga"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/52321?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/209370?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/209371?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/209372?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/209373?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/53393?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-mvyf-rrfg-xucc"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/53394?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/215492?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/215493?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/63495?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-v3nu-bzav-vfc8"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/217050?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-v3nu-bzav-vfc8"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/272445?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.12.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-v3nu-bzav-vfc8"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.12.2"},{"url":"http://public2.vulnerablecode.io/api/packages/63496?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/215494?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.13.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4xj7-j7qz-2kd2"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-x788-tu9q-byfu"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.13.1"},{"url":"http://public2.vulnerablecode.io/api/packages/217051?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.13.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.13.2"},{"url":"http://public2.vulnerablecode.io/api/packages/272446?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.13.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.13.3"},{"url":"http://public2.vulnerablecode.io/api/packages/54888?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/217052?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.14.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.14.1"},{"url":"http://public2.vulnerablecode.io/api/packages/217053?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.14.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"},{"vulnerability":"VCID-y165-fy8y-2fcc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.14.2"},{"url":"http://public2.vulnerablecode.io/api/packages/55237?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/272447?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.15.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"},{"vulnerability":"VCID-vf2s-s6dr-nqhf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.15.1"},{"url":"http://public2.vulnerablecode.io/api/packages/62930?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/272448?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.16.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.16.1"},{"url":"http://public2.vulnerablecode.io/api/packages/272449?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/272450?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/272451?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/272452?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/272453?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/272454?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.22"},{"url":"http://public2.vulnerablecode.io/api/packages/272455?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/272456?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.24"},{"url":"http://public2.vulnerablecode.io/api/packages/272457?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.25"},{"url":"http://public2.vulnerablecode.io/api/packages/272458?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.26"},{"url":"http://public2.vulnerablecode.io/api/packages/272459?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.27"},{"url":"http://public2.vulnerablecode.io/api/packages/272460?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.28"},{"url":"http://public2.vulnerablecode.io/api/packages/272461?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.29"},{"url":"http://public2.vulnerablecode.io/api/packages/272462?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.30"},{"url":"http://public2.vulnerablecode.io/api/packages/272463?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.31"},{"url":"http://public2.vulnerablecode.io/api/packages/272464?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.32"},{"url":"http://public2.vulnerablecode.io/api/packages/272465?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.33"},{"url":"http://public2.vulnerablecode.io/api/packages/272466?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.34"},{"url":"http://public2.vulnerablecode.io/api/packages/272467?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.35"},{"url":"http://public2.vulnerablecode.io/api/packages/272468?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.36","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.36"},{"url":"http://public2.vulnerablecode.io/api/packages/272469?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.37","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-gwmb-kcz9-d7b9"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.37"},{"url":"http://public2.vulnerablecode.io/api/packages/78685?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.38","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.38"},{"url":"http://public2.vulnerablecode.io/api/packages/742639?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.39","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.39"},{"url":"http://public2.vulnerablecode.io/api/packages/742640?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.39.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.39.1"},{"url":"http://public2.vulnerablecode.io/api/packages/742641?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.39.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.39.2"},{"url":"http://public2.vulnerablecode.io/api/packages/742642?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.39.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.39.3"},{"url":"http://public2.vulnerablecode.io/api/packages/742643?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.40","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.40"},{"url":"http://public2.vulnerablecode.io/api/packages/742644?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.41","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.41"},{"url":"http://public2.vulnerablecode.io/api/packages/742645?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.41.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.41.1"},{"url":"http://public2.vulnerablecode.io/api/packages/742646?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.42","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.42"},{"url":"http://public2.vulnerablecode.io/api/packages/742647?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.42.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.42.1"},{"url":"http://public2.vulnerablecode.io/api/packages/513365?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.43","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7h77-j38d-5khr"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.43"},{"url":"http://public2.vulnerablecode.io/api/packages/742648?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.44","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.44"},{"url":"http://public2.vulnerablecode.io/api/packages/742649?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.45","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.45"},{"url":"http://public2.vulnerablecode.io/api/packages/742650?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.46","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.46"},{"url":"http://public2.vulnerablecode.io/api/packages/134393?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.47","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.47"},{"url":"http://public2.vulnerablecode.io/api/packages/742651?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.48","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.48"},{"url":"http://public2.vulnerablecode.io/api/packages/742652?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.48.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.48.1"},{"url":"http://public2.vulnerablecode.io/api/packages/742653?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.49","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.49"},{"url":"http://public2.vulnerablecode.io/api/packages/742654?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.49.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.49.1"},{"url":"http://public2.vulnerablecode.io/api/packages/742655?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.49.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.49.2"},{"url":"http://public2.vulnerablecode.io/api/packages/742656?format=json","purl":"pkg:composer/yiisoft/yii2@2.0.49.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7h77-j38d-5khr"},{"vulnerability":"VCID-7kx3-sxex-f7dz"},{"vulnerability":"VCID-nnt3-u39w-yqa9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2@2.0.49.3"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4990","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42025","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4990"},{"reference_url":"https://github.com/yiisoft/yii2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yiisoft/yii2"},{"reference_url":"https://github.com/yiisoft/yii2/blob/master/framework/CHANGELOG.md#2050-may-30-2024","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yiisoft/yii2/blob/master/framework/CHANGELOG.md#2050-may-30-2024"},{"reference_url":"https://github.com/yiisoft/yii2/commit/628d406bfafb80fc32147837888c0057d89a021e","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yiisoft/yii2/commit/628d406bfafb80fc32147837888c0057d89a021e"},{"reference_url":"https://github.com/yiisoft/yii2/commit/62d081f18c3602d09e7d075bba3a0ca5c313f0b4","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yiisoft/yii2/commit/62d081f18c3602d09e7d075bba3a0ca5c313f0b4"},{"reference_url":"https://github.com/yiisoft/yii2/pull/20183","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yiisoft/yii2/pull/20183"},{"reference_url":"https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-20T13:30:40Z/"}],"url":"https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4990","reference_id":"CVE-2024-4990","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4990"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/yiisoft/yii2/CVE-2024-4990.yaml","reference_id":"CVE-2024-4990.YAML","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/yiisoft/yii2/CVE-2024-4990.yaml"},{"reference_url":"https://github.com/advisories/GHSA-cjcc-p67m-7qxm","reference_id":"GHSA-cjcc-p67m-7qxm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cjcc-p67m-7qxm"},{"reference_url":"https://github.com/yiisoft/yii2/security/advisories/GHSA-cjcc-p67m-7qxm","reference_id":"GHSA-cjcc-p67m-7qxm","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yiisoft/yii2/security/advisories/GHSA-cjcc-p67m-7qxm"}],"weaknesses":[{"cwe_id":470,"name":"Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')","description":"The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nnt3-u39w-yqa9"}