Search for packages
Package details: pkg:composer/symfony/yaml@2.0.22
purl pkg:composer/symfony/yaml@2.0.22
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-pm5w-g66m-sybw Symphony Vulnerable to PHP Code Injection via YAML Parsing The `Yaml::parse` function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397. CVE-2013-1348
GHSA-2r5h-6r7v-5m7c
VCID-s2at-s4ej-rfdw Symfony Arbitrary PHP code Execution Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348. CVE-2013-1397
GHSA-7w53-hfpw-rg3g

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-03T18:19:33.640050+00:00 GitLab Importer Fixing VCID-s2at-s4ej-rfdw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/yaml/CVE-2013-1397.yml 37.0.0
2025-07-03T17:12:46.633722+00:00 GitLab Importer Fixing VCID-pm5w-g66m-sybw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/yaml/CVE-2013-1348.yml 37.0.0
2025-07-01T18:10:01.424071+00:00 GitLab Importer Fixing VCID-pm5w-g66m-sybw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/yaml/CVE-2013-1348.yml 36.1.3
2025-07-01T12:27:41.980146+00:00 GithubOSV Importer Fixing VCID-s2at-s4ej-rfdw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7w53-hfpw-rg3g/GHSA-7w53-hfpw-rg3g.json 36.1.3
2025-07-01T12:27:30.908211+00:00 GithubOSV Importer Fixing VCID-pm5w-g66m-sybw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-2r5h-6r7v-5m7c/GHSA-2r5h-6r7v-5m7c.json 36.1.3