Package impact
Packagist / symfony/yaml
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-45133 | low | — | 2.5 | 9d ago | Symfony hardened the parser when handling untrusted input | |
| CVE-2026-45304 | low | — | 2.5 | 9d ago | Symfony's YAML Parser Vulnerable to Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs") | |
| CVE-2026-45305 | low | — | 2.5 | 9d ago | Symfony's YAML Parser has a ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex |