VulnerableCode Package Details - pkg:composer/symfony/yaml@2.1.6

Search for packages

Package details: pkg:composer/symfony/yaml@2.1.6

Essentials
History (1)

purl	pkg:composer/symfony/yaml@2.1.6

Next non-vulnerable version	2.0.22
Latest non-vulnerable version	2.1.7
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-s2at-s4ej-rfdw Aliases: CVE-2013-1397 GHSA-7w53-hfpw-rg3g	Symfony Arbitrary PHP code Execution Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.	2.1.7 Affected by 0 other vulnerabilities. 2.2.0-BETA2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-s2at-s4ej-rfdw
Aliases:
CVE-2013-1397
GHSA-7w53-hfpw-rg3g

Symfony Arbitrary PHP code Execution Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.

2.1.7
Affected by 0 other vulnerabilities.

2.2.0-BETA2
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T18:19:33.667188+00:00	GitLab Importer	Affected by	VCID-s2at-s4ej-rfdw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/yaml/CVE-2013-1397.yml	37.0.0