Information on source package smarty3

Available versions

ReleaseVersion
wheezy3.1.10-2
wheezy (security)3.1.10-2+deb7u1
jessie3.1.21-1
stretch3.1.31+20161214.1.c7d42e4+selfpack1-2
buster3.1.31+20161214.1.c7d42e4+selfpack1-2
sid3.1.31+20161214.1.c7d42e4+selfpack1-3

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-1000480vulnerablevulnerablevulnerablevulnerablefixedSmarty 3 before 3.1.32 is vulnerable to a PHP code injection when ...

Resolved issues

BugDescription
TEMP-0000000-2C7EFDincorrect handling of {$smarty.template} and {$smarty.current_dir}
CVE-2014-8350Smarty before 3.1.21 allows remote attackers to bypass the secure mode ...
CVE-2012-4437Cross-site scripting (XSS) vulnerability in the SmartyException class ...
CVE-2012-4277Cross-site scripting (XSS) vulnerability in the ...
CVE-2011-1028
CVE-2010-4727Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> ...
CVE-2010-4726Unspecified vulnerability in the math plugin in Smarty before 3.0.0 ...
CVE-2010-4725Smarty before 3.0.0 RC3 does not properly handle an on value of the ...
CVE-2010-4724Multiple unspecified vulnerabilities in the parser implementation in ...
CVE-2010-4723Smarty before 3.0.0, when security is enabled, does not prevent access ...
CVE-2010-4722Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 ...
CVE-2009-5054Smarty before 3.0.0 beta 4 does not consider the umask value when ...
CVE-2009-5053Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote ...
CVE-2009-5052Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 ...

Security announcements

DSA / DLADescription
DLA-452-1smarty3 - security update

Search for package or bug name: Reporting problems