8 matches found
GHSA-7W53-HFPW-RG3G Symfony Arbitrary PHP code Execution
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...
Symfony Arbitrary PHP code Execution
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...
Design/Logic Flaw
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...
CVE-2013-1348
CVE-2013-1348 affects Symfony 2.0.x before 2.0.22 where the YAML parsing path in Yaml::parse can allow remote code execution of PHP via a crafted PHP file. Root cause: insecure handling in YAML parsing that enables arbitrary PHP code execution. Impact: remote attacker could execute code with the ...
Fedora Update for php-symfony2-Yaml FEDORA-2013-1130
Check for the Version of php-symfony2-Yaml OpenVAS Vulnerability Test Fedora Update for php-symfony2-Yaml FEDORA-2013-1130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for php-symfony2-Yaml FEDORA-2013-1130
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 16 : php-symfony2-Yaml-2.0.22-1.fc16 (2013-1130)
Updated to upstream version 2.0.22 CVE-2013-1348: Ability to enable/disable PHP parsing in Yaml::parse CVE-2013-1397: Ability to enable/disable object support in YAML parsing and dumping See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-rele ased Changelog:...
Security release: Symfony 2.0.22 and 2.1.7 released
Symfony 2.0.22 and Symfony 2.1.7 have just been released and they both contain security fixes for the YAML component CVE-2013-1348 and CVE-2013-1397. CVE-2013-1348: Ability to enable/disable PHP parsing in Yaml::parse Affected versions All 2.0.X versions of the YAML component are affected by this...