We have fixed a security issue in 2.0.50 but there were additional issues so complete fix was done in 2.0.52. We have not properly assigned a new CVE for it and considered additional fix as:
Bug #20232: Fix regression introduced in GHSA-cjcc-p67m-7qxm while attaching behavior defined by __class array key (erickskrauch)

That was not correct. CVE is pending now and will be linked here as soon as it is published.
Thanks goes to Nicolas Bourras & Thomas Reynolds from Orange Cyberdefense.