Advisories for Composer/Yiisoft/Yii2-Elasticsearch package

Elasticsearch extension of Yii 2 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack.