CVE-2013-1348: Code Injection

June 2, 2014 (updated August 28, 2017)

The Yaml::parse function in Symfony remote attackers to execute arbitrary PHP code via a PHP file.

References

symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released

Code Behaviors & Features

Detect and mitigate CVE-2013-1348 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →