Lucene search
K

8 matches found

OSV
OSV
added 2022/05/17 1:36 a.m.19 views

GHSA-7W53-HFPW-RG3G Symfony Arbitrary PHP code Execution

Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...

7.5CVSS7.1AI score0.01619EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/05/17 1:36 a.m.25 views

Symfony Arbitrary PHP code Execution

Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...

7.5CVSS7.8AI score0.01619EPSS
Exploits0References8Affected Software2
Prion
Prion
added 2014/06/02 3:55 p.m.15 views

Design/Logic Flaw

Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...

7.5CVSS7.6AI score0.01619EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/06/02 3:0 p.m.83 views

CVE-2013-1348

CVE-2013-1348 affects Symfony 2.0.x before 2.0.22 where the YAML parsing path in Yaml::parse can allow remote code execution of PHP via a crafted PHP file. Root cause: insecure handling in YAML parsing that enables arbitrary PHP code execution. Impact: remote attacker could execute code with the ...

7.5CVSS7.3AI score0.01619EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2013/01/31 12:0 a.m.19 views

Fedora Update for php-symfony2-Yaml FEDORA-2013-1130

Check for the Version of php-symfony2-Yaml OpenVAS Vulnerability Test Fedora Update for php-symfony2-Yaml FEDORA-2013-1130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

7.5CVSS6.4AI score0.01619EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/01/31 12:0 a.m.13 views

Fedora Update for php-symfony2-Yaml FEDORA-2013-1130

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/29 12:0 a.m.23 views

Fedora 16 : php-symfony2-Yaml-2.0.22-1.fc16 (2013-1130)

Updated to upstream version 2.0.22 CVE-2013-1348: Ability to enable/disable PHP parsing in Yaml::parse CVE-2013-1397: Ability to enable/disable object support in YAML parsing and dumping See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-rele ased Changelog:...

7.5CVSS5.4AI score0.01619EPSS
Exploits0References3
Symfony
Symfony
added 2013/01/17 12:0 a.m.16 views

Security release: Symfony 2.0.22 and 2.1.7 released

Symfony 2.0.22 and Symfony 2.1.7 have just been released and they both contain security fixes for the YAML component CVE-2013-1348 and CVE-2013-1397. CVE-2013-1348: Ability to enable/disable PHP parsing in Yaml::parse Affected versions All 2.0.X versions of the YAML component are affected by this...

7.5CVSS6.3AI score0.01619EPSS
Exploits0
Rows per page
Query Builder