Debian/smarty3 — 34 CVEs · VulnScope

pkg:Debian/smarty3

34 total CVEsCRITICAL5HIGH12MEDIUM4

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2017-1000480smarty3 - security update
from 0, < 3.1.31+20161214.1.c7d42e4+selfpack1-3
CRITICAL9.8CVE-2017-1000480smarty3 - security update
from 0, < 3.1.10-2+deb7u2
CRITICAL9.8CVE-2017-1000480smarty3 - security update
from 0, < 3.1.21-1+deb8u1
CRITICAL9.8Smarty3 Arbitrary PHP Code Execution
from 0, < 3.0.8-1
CRITICAL9.8PHP Code Injection by malicious function name in smarty
from 0, < 3.1.39-1
HIGH8.8smarty3 - security update
from 0, < 3.1.31+20161214.1.c7d42e4+selfpack1-2+deb9u6
HIGH8.8smarty3 - security update
from 0, < 3.1.39-2+deb11u1
HIGH8.8smarty3 - security update
from 0, < 3.1.33+20180830.1.3a78a21f+selfpack1-1+deb10u1
HIGH8.8smarty3 - security update
from 0, < 3.1.31+20161214.1.c7d42e4+selfpack1-2+deb9u5
HIGH8.8smarty3 - security update
from 0, < 3.1.39-2+deb11u1
HIGH8.1Sandbox Escape by math function in smarty
from 0, < 3.1.39-2+deb11u1
HIGH7.5smarty3 - security update
from 0, < 3.1.33+20180830.1.3a78a21f+selfpack1-1
HIGH7.5smarty3 - security update
from 0, < 3.1.31+20161214.1.c7d42e4+selfpack1-2+deb9u2
HIGH7.5Sandbox escape through template_object in smarty
from 0, < 3.1.39-1
HIGH7.3smarty4 - security update
from 0, < 3.1.39-2+deb11u2
HIGH7.1smarty3 - security update
from 0, < 3.1.47-2+deb12u1
HIGH7.1smarty3 - security update
from 0, < 3.1.39-2+deb11u2
MEDIUM5.9Smarty Path Traversal Vulnerability
from 0, < 3.1.33+20180830.1.3a78a21f+selfpack1-1
MEDIUM5.4smarty3 - security update
from 0, < 3.1.39-2+deb11u2
MEDIUM5.4smarty3 - security update
from 0, < 3.1.33+20180830.1.3a78a21f+selfpack1-1+deb10u2
MEDIUM5.4smarty3 - security update
from 0, < 3.1.39-2+deb11u2
—Cross-site Scripting in SmartyException
from 0, < 3.1.10-2
—smarty3 - security update
from 0, < 3.1.21-1
—smarty3 - security update
from 0, < 3.1.10-2+deb7u1
—Smarty Does Not Consider Umask Values When Setting Permissions
from 0, < 3.0~rc1-1
—Cross-site scripting (XSS) vulnerability in the smarty_function_html_options_optoutput function in distribution/libs/plugins/function.html_…
from 0, < 3.1.10-1
—Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.
from 0, < 3.0~rc1-1
—Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors.
from 0, < 3.0.8-1
—Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini file, which has unspecified impact and r…
from 0, < 3.0.8-1
—Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors.
from 0, < 3.0.8-1
—Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned obj…
from 0, < 3.0.8-1
—Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
from 0, < 3.0.8-1
—Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a…
from 0, < 3.0~rc1-1
—Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 have unknown impact and attack vectors.
from 0, < 3.0~rc1-1