pkg:Packagist/smarty/smarty

所有已知漏洞

• CRITICAL9.8CVE-2017-1000480Smarty PHP code injection
  >= 3, < 3.1.32
• CRITICAL9.8CVE-2011-1028Smarty3 Arbitrary PHP Code Execution
  from 0, < 3.0.7
• CRITICAL9.8CVE-2021-26120PHP Code Injection by malicious function name in smarty
  from 0, < 3.1.39
• HIGH8.8CVE-2022-29221PHP Code Injection by malicious block or filename in Smarty
  from 0, < 3.1.45
• HIGH8.8CVE-2021-21408Access to restricted PHP code by dynamic static class access in smarty
  from 0, < 3.1.43
• HIGH8.1CVE-2021-29454Sandbox Escape by math function in smarty
  from 0, < 3.1.42
• HIGH7.5CVE-2018-13982Smarty Path Traversal Vulnerability
  from 0, < 3.1.33
• HIGH7.5CVE-2021-26119Sandbox escape through template_object in smarty
  from 0, < 3.1.39
• HIGH7.3CVE-2024-35226Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag
  >= 5.0.0, < 5.1.1
• HIGH7.1CVE-2023-28447smarty Cross-site Scripting vulnerability in Javascript escaping
  >= 4.0.0, < 4.3.1
• MEDIUM5.9CVE-2018-16831Smarty Path Traversal Vulnerability
  from 0, < 3.1.33
• MEDIUM5.4CVE-2018-25047smarty3 - security update
  from 0, < 3.1.47
• —CVE-2012-4437Cross-site Scripting in SmartyException
  from 0, < 3.1.12
• —CVE-2014-8350Smarty arbitrary PHP code execution
  from 0, < 3.1.21
• —CVE-2009-5054Smarty Does Not Consider Umask Values When Setting Permissions
  from 0, < 3.0.0-beta4