Package impact
Packagist / symfony/yaml
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2013-1397 | high | — | 7.5 | 12y ago | Symfony Arbitrary PHP code Execution | |
| CVE-2013-1348 | high | — | 7.5 | 12y ago | Symphony Vulnerable to PHP Code Injection via YAML Parsing | |
| CVE-2026-45133 | low | — | 2.5 | 9d ago | Symfony hardened the parser when handling untrusted input | |
| CVE-2026-45304 | low | — | 2.5 | 9d ago | Symfony's YAML Parser Vulnerable to Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs") | |
| CVE-2026-45305 | low | — | 2.5 | 9d ago | Symfony's YAML Parser has a ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex |