CVE-2018-13982
Published: 18 September 2018
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.
Priority
Medium
CVSS 3 base score: 7.5
Status
| Package | Release | Status |
|---|---|---|
|
smarty3 Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.1.33)
|
| Ubuntu 21.10 (Impish Indri) |
Not vulnerable
(3.1.33+20180830.1.3a78a21f+selfpack1-1)
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
(3.1.33+20180830.1.3a78a21f+selfpack1-1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Not vulnerable
(3.1.33+20180830.1.3a78a21f+selfpack1-1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needed
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Not vulnerable
(code not present)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was needs-triage)
|
|
|
Patches: Upstream: https://github.com/smarty-php/smarty/commit/8d21f38dc35c4cd6b31c2f23fc9b8e5adbc56dfe Upstream: https://github.com/smarty-php/smarty/commit/f9ca3c63d1250bb56b2bda609dcc9dd81f0065f8 Upstream: https://github.com/smarty-php/smarty/commit/2e081a51b1effddb23f87952959139ac62654d50 Upstream: https://github.com/smarty-php/smarty/commit/c9dbe1d08c081912d02bd851d1d1b6388f6133d1 |
||