VYPR

Packagist (Composer) package

symfony/yaml

pkg:composer/symfony/yaml

Vulnerabilities (2)

  • CVE-2013-1397Jun 2, 2014
    affected >= 2.0.0, < 2.0.22fixed 2.0.22

    Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.

  • CVE-2013-1348Jun 2, 2014
    affected >= 2.0.0, < 2.0.22fixed 2.0.22

    The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397.