Remote attackers could obtain potentially sensitive information from exception messages printed by the error handler in non-debug mode.

PKSA-2342-4j8y-2xvc CVE-2018-6010

Affected package: yiisoft/yii2-dev

Affected version: <2.0.14

Reported by:
FriendsOfPHP/security-advisories