Search by 
yiisoft/yii2-dev Security Advisories for 2.0.14.2 (1)
-
Potential SQL injection in methods `yii\db\ActiveRecord::findOne()` and `::findAll()`
Affected version: <2.0.12.1|>=2.0.13,<2.0.13.2|>=2.0.14,<2.0.15
Reported by:
FriendsOfPHP/security-advisories