CVE-2021-21408

Опубликовано: 10 янв. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.5

CVSS3: 8.8

Описание

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch.

Релиз	Статус	Примечание
bionic	released	3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1
devel	released	3.1.39-2ubuntu1
esm-apps/bionic	released	3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1
esm-apps/focal	released	3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1
esm-apps/jammy	released	3.1.39-2ubuntu1
esm-apps/noble	released	3.1.39-2ubuntu1
esm-apps/xenial	released	3.1.21-1ubuntu1+esm1
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
hirsute	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%

0.0028

Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2021-21408

CVSS3: 8.8

nvd

около 4 лет назад

CVE-2021-21408

CVSS3: 8.8

debian

около 4 лет назад

Smarty is a template engine for PHP, facilitating the separation of pr ...

GHSA-4h9c-v5vg-5m6m

CVSS3: 8.8

github

около 4 лет назад

Access to restricted PHP code by dynamic static class access in smarty

EPSS

Процентиль: 51%

0.0028

Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3

CVE-2021-21408

Описание

Пакет smarty3

Ссылки на источники

Связанные уязвимости