Symfony · Symfony · CVE-2013-1397
**Name of the Vulnerable Software and Affected Versions**
Symfony versions 2.0.x through 2.0.21
Symfony versions 2.1.x through 2.1.6
**Description**
The issue allows remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) YamlParser::parse function.
**Recommendations**
For Symfony versions 2.0.x through 2.0.21, update to version 2.0.22 or later.
For Symfony versions 2.1.x through 2.1.6, update to version 2.1.7 or later.