USN-6012-1: Smarty vulnerability
13 April 2023
Smarty could be made to crash or run programs if it received a specially crafted template.
- smarty3 - The compiling PHP template engine
It was discovered that Smarty incorrectly parsed blocks' names and
included files' names. A remote attacker with template writing permissions
could use this issue to execute arbitrary PHP code. (CVE-2022-29221)
- USN-6550-1: postfixadmin