Описание
Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors.
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.0 (включая)
Одно из
cpe:2.3:a:smarty:smarty:*:rc4:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.0a:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.0b:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.0:b1:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.0:b2:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.0:rc3:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.9:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.13:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.14:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.15:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.16:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.17:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.18:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.20:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.22:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.24:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.25:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:2.6.26:*:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:beta8:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:smarty:smarty:3.0.0:rc3:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00433
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
почти 15 лет назад
Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors.
debian
почти 15 лет назад
Smarty before 3.0.0, when security is enabled, does not prevent access ...
github
больше 3 лет назад
Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors.
EPSS
Процентиль: 62%
0.00433
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-264