CVE-2018-13982

Published: 18 September 2018

Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package: smarty3

Release: Status
Upstream: Released (3.1.33)
Ubuntu 21.10 (Impish Indri): Not vulnerable (3.1.33+20180830.1.3a78a21f+selfpack1-1)
Ubuntu 21.04 (Hirsute Hippo): Not vulnerable (3.1.33+20180830.1.3a78a21f+selfpack1-1)
Ubuntu 20.04 LTS (Focal Fossa): Not vulnerable (3.1.33+20180830.1.3a78a21f+selfpack1-1)
Ubuntu 18.04 LTS (Bionic Beaver): Needed
Ubuntu 16.04 ESM (Xenial Xerus): Not vulnerable (code not present)
Ubuntu 14.04 ESM (Trusty Tahr): Does not exist (trusty was needs-triage)

Patches:
Upstream: https://github.com/smarty-php/smarty/commit/8d21f38dc35c4cd6b31c2f23fc9b8e5adbc56dfe
Upstream: https://github.com/smarty-php/smarty/commit/f9ca3c63d1250bb56b2bda609dcc9dd81f0065f8
Upstream: https://github.com/smarty-php/smarty/commit/2e081a51b1effddb23f87952959139ac62654d50
Upstream: https://github.com/smarty-php/smarty/commit/c9dbe1d08c081912d02bd851d1d1b6388f6133d1