Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS02MzR4LXBjM3EtY2Y0Y84AArNC
PHP Code Injection by malicious block or filename in Smarty
Impact
Template authors could inject php code by choosing a malicous {block} name or {include} file name. Sites that cannot fully trust template authors should update asap.
Patches
Please upgrade to the most recent version of Smarty v3 or v4.
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
References
Are there any links users can visit to find out more?
For more information
If you have any questions or comments about this advisory:
- Open an issue in the Smarty repo
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS02MzR4LXBjM3EtY2Y0Y84AArNC
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 2 years ago
Updated: over 1 year ago
CVSS Score: 8.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-634x-pc3q-cf4c, CVE-2022-29221
References:
- https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
- https://nvd.nist.gov/vuln/detail/CVE-2022-29221
- https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd
- https://github.com/smarty-php/smarty/releases/tag/v3.1.45
- https://github.com/smarty-php/smarty/releases/tag/v4.1.1
- https://lists.debian.org/debian-lts-announce/2022/05/msg00044.html
- https://www.debian.org/security/2022/dsa-5151
- https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2022-29221.yaml
- https://security.gentoo.org/glsa/202209-09
- https://lists.fedoraproject.org/archives/list/[email protected]/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/
- https://github.com/advisories/GHSA-634x-pc3q-cf4c
Blast Radius: 29.7
Affected Packages
packagist:smarty/smarty
Dependent packages: 465Dependent repositories: 2,359
Downloads: 27,726,932 total
Affected Version Ranges: >= 4.0.0, < 4.1.1, < 3.1.45
Fixed in: 4.1.1, 3.1.45
All affected versions: 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.33, 3.1.11, 3.1.12, 3.1.13, 3.1.14, 3.1.15, 3.1.16, 3.1.17, 3.1.18, 3.1.19, 3.1.20, 3.1.21, 3.1.23, 3.1.24, 3.1.25, 3.1.26, 3.1.27, 3.1.28, 3.1.29, 3.1.30, 3.1.31, 3.1.32, 3.1.33, 3.1.34, 3.1.35, 3.1.36, 3.1.37, 3.1.38, 3.1.39, 3.1.40, 3.1.41, 3.1.42, 3.1.43, 3.1.44, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.1.0
All unaffected versions: 3.1.45, 3.1.46, 3.1.47, 3.1.48, 4.1.1, 4.2.0, 4.2.1, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.4.0, 4.4.1, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.2.0, 5.3.0, 5.3.1, 5.4.0, 5.4.1