pkg:Packagist/smarty/smarty

All known vulnerabilities

• CRITICAL9.8CVE-2017-1000480Smarty PHP code injection
  >= 3, < 3.1.32
• CRITICAL9.8CVE-2011-1028Smarty3 Arbitrary PHP Code Execution
  from 0, < 3.0.7
• CRITICAL9.8CVE-2021-26120PHP Code Injection by malicious function name in smarty
  from 0, < 3.1.39
• HIGH8.8PHP Code Injection by malicious block or filename in Smarty
  from 0, < 3.1.45
• HIGH8.8Access to restricted PHP code by dynamic static class access in smarty
  from 0, < 3.1.43
• HIGH8.1Sandbox Escape by math function in smarty
  from 0, < 3.1.42
• HIGH7.5Smarty Path Traversal Vulnerability
  from 0, < 3.1.33
• HIGH7.5Sandbox escape through template_object in smarty
  from 0, < 3.1.39
• HIGH7.3Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag
  >= 5.0.0, < 5.1.1
• HIGH7.1smarty Cross-site Scripting vulnerability in Javascript escaping
  >= 4.0.0, < 4.3.1
• MEDIUM5.9Smarty Path Traversal Vulnerability
  from 0, < 3.1.33
• MEDIUM5.4Smarty Cross-site Scripting vulnerability in pages that use smarty_function_mailto
  from 0, < 3.1.47
• —Cross-site Scripting in SmartyException
  from 0, < 3.1.12
• —Smarty arbitrary PHP code execution
  from 0, < 3.1.21
• —Smarty Does Not Consider Umask Values When Setting Permissions
  from 0, < 3.0.0-beta4