VDB
CVE-2021-29454
CVE-2021-29454
PUBLISHED
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch.
EPSS 0.64% · 71.1th percentile
Risk Scores
EPSS Score
0.64%
71.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | smarty3 | 0, 3.1.31+20161214.1.c7d42e4+selfpack1-2, 3.1.31+20161214.1.c7d42e4+selfpack1-3 |
| Ubuntu:22.04:LTS | smarty3 | 0, 3.1.39-2 |
| Ubuntu:Pro:16.04:LTS | smarty3 | 0, 3.1.21-1ubuntu1, 3.1.21-1 |
| Ubuntu:Pro:20.04:LTS | smarty3 | 0, 3.1.34+20190228.1.c9f0de05+selfpack1-1, * |
Exploit Intelligence
- https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m (circl)
- https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71 (circl)
- https://github.com/smarty-php/smarty/releases/tag/v3.1.42 (circl)
- https://github.com/smarty-php/smarty/releases/tag/v4.0.2 (circl)
- https://packagist.org/packages/smarty/smarty (circl)
- https://www.smarty.net/docs/en/language.function.math.tpl (circl)
- [debian-lts-announce] 20220505 [SECURITY] [DLA 2995-1] smarty3 security update (circl)
- DSA-5151 (circl)
- GLSA-202209-09 (circl)
- FEDORA-2022-52154efd61 (circl)
…and 1 more exploits
Timeline
- Jan 10, 2022 CVE Published
- Jan 11, 2022 EPSS Score
- Mar 5, 2022 EPSS Score
- Apr 28, 2022 EPSS Score
- Aug 14, 2022 EPSS Score
- Oct 6, 2022 EPSS Score
- Nov 28, 2022 EPSS Score
- Jan 21, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 15, 2023 EPSS Score
- Jun 30, 2023 EPSS Score
- Aug 23, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-29454 third-party-advisory
- https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71 third-party-advisory
- https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m third-party-advisory
- https://packagist.org/packages/smarty/smarty third-party-advisory
- https://github.com/smarty-php/smarty/releases/tag/v3.1.42 third-party-advisory
- https://www.smarty.net/docs/en/language.function.math.tpl third-party-advisory
- https://github.com/smarty-php/smarty/releases/tag/v4.0.2 third-party-advisory
- https://ubuntu.com/security/notices/USN-5348-1 vendor-advisory
- https://ubuntu.com/security/notices/USN-5348-3 vendor-advisory
- https://ubuntu.com/security/notices/USN-5348-2 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-29454 third-party-advisory