USN-5348-3.json
{
  "id": "USN-5348-3",
  "summary": "smarty3 vulnerabilities",
  "details": "USN-5348-1 fixed several vulnerabilities in Smarty. This update provides\nthe fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and\nCVE-2021-29454 for Ubuntu 20.04 ESM.\n\nOriginal advisory details:\n\n David Gnedt and Thomas Konrad discovered that Smarty was incorrectly\n sanitizing the paths present in the templates. An attacker could possibly\n use this use to read arbitrary files when controlling the executed\n template. (CVE-2018-13982)\n\n It was discovered that Smarty was incorrectly sanitizing the paths\n present in the templates. An attacker could possibly use this use to read\n arbitrary files when controlling the executed template. (CVE-2018-16831)\n\n It was discovered that Smarty was incorrectly validating security policy\n data, allowing the execution of static classes even when not permitted by\n the security settings. An attacker could possibly use this issue to\n execute arbitrary code. (CVE-2021-21408)\n\n It was discovered that Smarty was incorrectly managing access control to\n template objects, which allowed users to perform a sandbox escape. An\n attacker could possibly use this issue to send specially crafted input to\n applications that use Smarty and execute arbitrary code. (CVE-2021-26119)\n\n It was discovered that Smarty was not checking for special characters\n when setting function names during plugin compile operations. An attacker\n could possibly use this issue to send specially crafted input to\n applications that use Smarty and execute arbitrary code. (CVE-2021-26120)\n\n It was discovered that Smarty was incorrectly sanitizing characters in\n math strings processed by the math function. An attacker could possibly\n use this issue to send specially crafted input to applications that use\n Smarty and execute arbitrary code. (CVE-2021-29454)\n",
  "aliases": [],
  "related": [
    "CVE-2021-21408",
    "CVE-2021-26119",
    "CVE-2021-26120",
    "CVE-2021-29454"
  ],
  "published": "2022-06-21T15:29:25.781864Z",
  "modified": "2022-06-21T15:29:25.781864Z",
  "affected": [
    {
      "package": {
        "ecosystem": "Ubuntu:Pro:20.04:LTS",
        "name": "smarty3"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "binaries": [
          {
            "smarty3": "3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1"
          }
        ],
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
      }
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-5348-3"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-21408"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-26119"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-26120"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-29454"
    }
  ]
}