Search for packages
| purl | pkg:composer/symfony/yaml@2.0.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-bny7-h1nn-bkbc
Aliases: CVE-2013-1348 GHSA-2r5h-6r7v-5m7c |
Code Injection The `Yaml::parse` function in Symfony allows remote attackers to execute arbitrary PHP code via a PHP file. |
Affected by 0 other vulnerabilities. |
|
VCID-jjqk-u4vs-tbba
Aliases: CVE-2013-1397 GHSA-7w53-hfpw-rg3g |
Symfony Arbitrary PHP code Execution Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:31:12.801719+00:00 | GHSA Importer | Affected by | VCID-bny7-h1nn-bkbc | https://github.com/advisories/GHSA-2r5h-6r7v-5m7c | 38.1.0 |
| 2026-04-04T14:31:12.730831+00:00 | GHSA Importer | Affected by | VCID-jjqk-u4vs-tbba | https://github.com/advisories/GHSA-7w53-hfpw-rg3g | 38.1.0 |
| 2026-04-03T21:25:59.107705+00:00 | GitLab Importer | Affected by | VCID-jjqk-u4vs-tbba | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/yaml/CVE-2013-1397.yml | 38.1.0 |
| 2026-04-01T12:46:53.208125+00:00 | GitLab Importer | Affected by | VCID-bny7-h1nn-bkbc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/yaml/CVE-2013-1348.yml | 38.0.0 |