CVE-2022-29221
Published: 24 May 2022
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject PHP code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds.
Priority
Status
Package | Release | Status
---|---|---
collabtive | upstream | Needs triage
galette | upstream | Needs triage
gosa | bionic | Needs triage
gosa | focal | Needs triage
gosa | impish | Ignored (reached end-of-life)
gosa | jammy | Needs triage
gosa | kinetic | Needs triage
gosa | lunar | Needs triage
gosa | upstream | Needs triage
postfixadmin | bionic | Needs triage
postfixadmin | focal | Needs triage
postfixadmin | impish | Ignored (reached end-of-life)
postfixadmin | jammy | Needs triage
postfixadmin | kinetic | Needs triage
postfixadmin | lunar | Needs triage
postfixadmin | upstream | Needs triage
smarty3 | bionic | Needs triage
smarty3 | focal | Needs triage
smarty3 | impish | Ignored (reached end-of-life)
smarty3 | jammy | Released (3.1.39-2ubuntu1.22.04.1)
smarty3 | kinetic | Released (3.1.39-2ubuntu1.22.10.1)
smarty3 | lunar | Released (3.1.39-2ubuntu2)
smarty3 | upstream | Needs triage
smarty4 | kinetic | Needs triage
smarty4 | lunar | Needs triage
smarty4 | upstream | Needs triage
Severity score breakdown
Parameter | Value
---|---
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221
- https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
- https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd (v4.1.1)
- https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345 (v3.1.45)
- https://github.com/smarty-php/smarty/releases/tag/v3.1.45
- https://github.com/smarty-php/smarty/releases/tag/v4.1.1
- https://ubuntu.com/security/notices/USN-6012-1
- NVD
- Launchpad
- Debian