Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/yaml@2.0.10
Typecomposer
Namespacesymfony
Nameyaml
Version2.0.10
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.0.22
Latest_non_vulnerable_version2.1.7
Affected_by_vulnerabilities
0
url VCID-bny7-h1nn-bkbc
vulnerability_id VCID-bny7-h1nn-bkbc
summary 
Code Injection
The `Yaml::parse` function in Symfony allows remote attackers to execute arbitrary PHP code via a PHP file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1348
reference_id
reference_type
scores
0
value 0.00619
scoring_system epss
scoring_elements 0.69944
published_at 2026-04-04T12:55:00Z
1
value 0.00619
scoring_system epss
scoring_elements 0.70033
published_at 2026-04-18T12:55:00Z
2
value 0.00619
scoring_system epss
scoring_elements 0.70023
published_at 2026-04-16T12:55:00Z
3
value 0.00619
scoring_system epss
scoring_elements 0.69922
published_at 2026-04-07T12:55:00Z
4
value 0.00619
scoring_system epss
scoring_elements 0.69981
published_at 2026-04-13T12:55:00Z
5
value 0.00619
scoring_system epss
scoring_elements 0.69994
published_at 2026-04-12T12:55:00Z
6
value 0.00619
scoring_system epss
scoring_elements 0.7001
published_at 2026-04-11T12:55:00Z
7
value 0.00619
scoring_system epss
scoring_elements 0.69986
published_at 2026-04-09T12:55:00Z
8
value 0.00619
scoring_system epss
scoring_elements 0.69917
published_at 2026-04-01T12:55:00Z
9
value 0.00619
scoring_system epss
scoring_elements 0.69929
published_at 2026-04-02T12:55:00Z
10
value 0.00619
scoring_system epss
scoring_elements 0.69969
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1348
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/81550
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/81550
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2013-1348.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2013-1348.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/yaml/CVE-2013-1348.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/yaml/CVE-2013-1348.yaml
4
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
5
reference_url https://github.com/symfony/symfony/commit/ac756bf39e646b4e130fad058d10a0228dbd9779
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ac756bf39e646b4e130fad058d10a0228dbd9779
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1348
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1348
7
reference_url https://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released
8
reference_url https://web.archive.org/web/20150612022223/http://www.securityfocus.com/bid/57574
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150612022223/http://www.securityfocus.com/bid/57574
9
reference_url https://github.com/advisories/GHSA-2r5h-6r7v-5m7c
reference_id GHSA-2r5h-6r7v-5m7c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2r5h-6r7v-5m7c
fixed_packages
0
url pkg:composer/symfony/yaml@2.0.22
purl pkg:composer/symfony/yaml@2.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/yaml@2.0.22
aliases CVE-2013-1348, GHSA-2r5h-6r7v-5m7c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bny7-h1nn-bkbc
1
url VCID-jjqk-u4vs-tbba
vulnerability_id VCID-jjqk-u4vs-tbba
summary 
Symfony Arbitrary PHP code Execution
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1397
reference_id
reference_type
scores
0
value 0.00619
scoring_system epss
scoring_elements 0.69944
published_at 2026-04-04T12:55:00Z
1
value 0.00619
scoring_system epss
scoring_elements 0.70033
published_at 2026-04-18T12:55:00Z
2
value 0.00619
scoring_system epss
scoring_elements 0.70023
published_at 2026-04-16T12:55:00Z
3
value 0.00619
scoring_system epss
scoring_elements 0.69981
published_at 2026-04-13T12:55:00Z
4
value 0.00619
scoring_system epss
scoring_elements 0.69922
published_at 2026-04-07T12:55:00Z
5
value 0.00619
scoring_system epss
scoring_elements 0.69994
published_at 2026-04-12T12:55:00Z
6
value 0.00619
scoring_system epss
scoring_elements 0.7001
published_at 2026-04-11T12:55:00Z
7
value 0.00619
scoring_system epss
scoring_elements 0.69986
published_at 2026-04-09T12:55:00Z
8
value 0.00619
scoring_system epss
scoring_elements 0.69917
published_at 2026-04-01T12:55:00Z
9
value 0.00619
scoring_system epss
scoring_elements 0.69929
published_at 2026-04-02T12:55:00Z
10
value 0.00619
scoring_system epss
scoring_elements 0.69969
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1397
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/81551
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/81551
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2013-1397.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2013-1397.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/yaml/CVE-2013-1397.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/yaml/CVE-2013-1397.yaml
4
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
5
reference_url https://github.com/symfony/symfony/commit/ba6e3159c0eeb3b6e21db32fce8fa2535cb3aa77
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ba6e3159c0eeb3b6e21db32fce8fa2535cb3aa77
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1397
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1397
7
reference_url https://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released
8
reference_url http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released
9
reference_url https://github.com/advisories/GHSA-7w53-hfpw-rg3g
reference_id GHSA-7w53-hfpw-rg3g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7w53-hfpw-rg3g
fixed_packages
0
url pkg:composer/symfony/yaml@2.0.22
purl pkg:composer/symfony/yaml@2.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/yaml@2.0.22
1
url pkg:composer/symfony/yaml@2.1.7
purl pkg:composer/symfony/yaml@2.1.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/yaml@2.1.7
2
url pkg:composer/symfony/yaml@2.2.0-BETA2
purl pkg:composer/symfony/yaml@2.2.0-BETA2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/yaml@2.2.0-BETA2
aliases CVE-2013-1397, GHSA-7w53-hfpw-rg3g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjqk-u4vs-tbba
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/yaml@2.0.10