CVE-2022-29221

Priority
Description
Smarty is a template engine for PHP, facilitating the separation of
presentation (HTML/CSS) from application logic. Prior to versions 3.1.45
and 4.1.1, template authors could inject php code by choosing a malicious
{block} name or {include} file name. Sites that cannot fully trust template
authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for
this issue. There are currently no known workarounds.
References
Bugs
Notes
Package
Upstream:needs-triage
Patches:
Package
Upstream:needs-triage
Patches:
Package
Source: gosa (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Patches:
Package
Upstream:needs-triage
Ubuntu 22.10:needs-triage
Patches:
More Information

Updated: 2022-06-09 20:25:29 UTC (commit 98d18c0929bdccdc05ec5adc210c5a34e8cc12b1)