Packagist (Composer) package
symfony/yaml
pkg:composer/symfony/yaml
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-1397 | — | >= 2.0.0, < 2.0.22 | 2.0.22 | Jun 2, 2014 | Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348. | ||
| CVE-2013-1348 | — | >= 2.0.0, < 2.0.22 | 2.0.22 | Jun 2, 2014 | The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397. |
- CVE-2013-1397Jun 2, 2014affected >= 2.0.0, < 2.0.22fixed 2.0.22
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.
- CVE-2013-1348Jun 2, 2014affected >= 2.0.0, < 2.0.22fixed 2.0.22
The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397.