Package impact
Packagist / symfony/yaml
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-1397 | high | — | 7.5 | 12y ago | Symfony Arbitrary PHP code Execution | |||
| CVE-2013-1348 | high | — | 7.5 | 12y ago | Symphony Vulnerable to PHP Code Injection via YAML Parsing | |||
| CVE-2026-45133 | low | — | 2.5 | 9d ago | Symfony hardened the parser when handling untrusted input | |||
| CVE-2026-45304 | low | — | 2.5 | 9d ago | Symfony's YAML Parser Vulnerable to Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs") | |||
| CVE-2026-45305 | low | — | 2.5 | 9d ago | Symfony's YAML Parser has a ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex |