{"url":"http://public2.vulnerablecode.io/api/packages/200032?format=json","purl":"pkg:composer/smarty/smarty@3.1.15","type":"composer","namespace":"smarty","name":"smarty","version":"3.1.15","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.3","latest_non_vulnerable_version":"5.2.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44786?format=json","vulnerability_id":"VCID-3829-yarc-yqh3","summary":"smarty Cross-site Scripting vulnerability in Javascript escaping\nAn attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28447","reference_id":"","reference_type":"","scores":[{"value":"0.01189","scoring_system":"epss","scoring_elements":"0.79192","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01189","scoring_system":"epss","scoring_elements":"0.79184","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01189","scoring_system":"epss","scoring_elements":"0.79187","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28447"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSAUM3YHWHO4UCJXRGRLQGPJAO3MFOZZ","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSAUM3YHWHO4UCJXRGRLQGPJAO3MFOZZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBB35GLYTL6JL6EOM6BOZNYP47JKNNHT","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBB35GLYTL6JL6EOM6BOZNYP47JKNNHT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7O7SKTATM6GAP45S64QFXNLWIY5I7HP","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7O7SKTATM6GAP45S64QFXNLWIY5I7HP"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033964","reference_id":"1033964","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033964"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033965","reference_id":"1033965","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033965"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28447","reference_id":"CVE-2023-28447","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28447"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2023-28447.yaml","reference_id":"CVE-2023-28447.YAML","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2023-28447.yaml"},{"reference_url":"https://github.com/advisories/GHSA-7j98-h7fp-4vwj","reference_id":"GHSA-7j98-h7fp-4vwj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7j98-h7fp-4vwj"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj","reference_id":"GHSA-7j98-h7fp-4vwj","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj"},{"reference_url":"https://usn.ubuntu.com/6550-1/","reference_id":"USN-6550-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6550-1/"},{"reference_url":"https://usn.ubuntu.com/7158-1/","reference_id":"USN-7158-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7158-1/"},{"reference_url":"https://usn.ubuntu.com/8242-1/","reference_id":"USN-8242-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8242-1/"},{"reference_url":"https://usn.ubuntu.com/8242-2/","reference_id":"USN-8242-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8242-2/"},{"reference_url":"https://usn.ubuntu.com/8272-1/","reference_id":"USN-8272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64452?format=json","purl":"pkg:composer/smarty/smarty@3.1.48","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.48"},{"url":"http://public2.vulnerablecode.io/api/packages/64451?format=json","purl":"pkg:composer/smarty/smarty@4.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.3.1"}],"aliases":["CVE-2023-28447","GHSA-7j98-h7fp-4vwj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3829-yarc-yqh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39251?format=json","vulnerability_id":"VCID-3xs3-13we-6ffu","summary":"Code Injection\nSmarty 3 is vulnerable to a PHP code injection when calling `fetch()` or `display()` functions on custom resources that does not sanitize template name.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000480","reference_id":"","reference_type":"","scores":[{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.7084","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70873","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.7089","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70883","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000480"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/blob/master/change_log.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/blob/master/change_log.txt"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/02/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/02/msg00000.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4094","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4094"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886460","reference_id":"886460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886460"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000480","reference_id":"CVE-2017-1000480","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000480"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54799?format=json","purl":"pkg:composer/smarty/smarty@3.1.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-d7cx-7mkv-3qhe"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"},{"vulnerability":"VCID-qnee-xruu-sfb1"},{"vulnerability":"VCID-vnb9-5w8q-r3bd"},{"vulnerability":"VCID-xmrr-2jyf-5yhj"},{"vulnerability":"VCID-zgxx-cfyu-1ffy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.32"},{"url":"http://public2.vulnerablecode.io/api/packages/215090?format=json","purl":"pkg:composer/smarty/smarty@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.3.3"}],"aliases":["CVE-2017-1000480","GHSA-9m49-vhwv-422g"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3xs3-13we-6ffu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101017?format=json","vulnerability_id":"VCID-4dmb-dnk6-6qdd","summary":"Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29221","reference_id":"","reference_type":"","scores":[{"value":"0.25501","scoring_system":"epss","scoring_elements":"0.96324","published_at":"2026-06-04T12:55:00Z"},{"value":"0.25501","scoring_system":"epss","scoring_elements":"0.96334","published_at":"2026-06-07T12:55:00Z"},{"value":"0.25501","scoring_system":"epss","scoring_elements":"0.96333","published_at":"2026-06-06T12:55:00Z"},{"value":"0.25501","scoring_system":"epss","scoring_elements":"0.96329","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2022-29221.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2022-29221.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.45","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.45"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v4.1.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://github.com/smarty-php/smarty/releases/tag/v4.1.1"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00044.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00044.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29221","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29221"},{"reference_url":"https://security.gentoo.org/glsa/202209-09","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://security.gentoo.org/glsa/202209-09"},{"reference_url":"https://www.debian.org/security/2022/dsa-5151","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://www.debian.org/security/2022/dsa-5151"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011757","reference_id":"1011757","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011757"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011758","reference_id":"1011758","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011758"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/","reference_id":"BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/"},{"reference_url":"https://github.com/advisories/GHSA-634x-pc3q-cf4c","reference_id":"GHSA-634x-pc3q-cf4c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-634x-pc3q-cf4c"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/","reference_id":"L777JIBIWJV34HS7LXPIDWASG7TT4LNI","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/"},{"reference_url":"https://usn.ubuntu.com/6012-1/","reference_id":"USN-6012-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6012-1/"},{"reference_url":"https://usn.ubuntu.com/6550-1/","reference_id":"USN-6550-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6550-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/151845?format=json","purl":"pkg:composer/smarty/smarty@3.1.45","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.45"},{"url":"http://public2.vulnerablecode.io/api/packages/151846?format=json","purl":"pkg:composer/smarty/smarty@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.1.1"}],"aliases":["CVE-2022-29221","GHSA-634x-pc3q-cf4c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dmb-dnk6-6qdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55076?format=json","vulnerability_id":"VCID-a3yk-8fmf-x7fw","summary":"Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag\nTemplate authors could inject php code by choosing a malicous file name for an extends-tag. Users that cannot fully trust template authors should update asap.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35226","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51578","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.516","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51593","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35226"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:08:18Z/"}],"url":"https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072529","reference_id":"1072529","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072529"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072530","reference_id":"1072530","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072530"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35226","reference_id":"CVE-2024-35226","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35226"},{"reference_url":"https://github.com/advisories/GHSA-4rmg-292m-wg3w","reference_id":"GHSA-4rmg-292m-wg3w","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4rmg-292m-wg3w"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w","reference_id":"GHSA-4rmg-292m-wg3w","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:08:18Z/"}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w"},{"reference_url":"https://usn.ubuntu.com/7158-1/","reference_id":"USN-7158-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7158-1/"},{"reference_url":"https://usn.ubuntu.com/7377-1/","reference_id":"USN-7377-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7377-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81675?format=json","purl":"pkg:composer/smarty/smarty@4.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/81674?format=json","purl":"pkg:composer/smarty/smarty@5.1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@5.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/742527?format=json","purl":"pkg:composer/smarty/smarty@5.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@5.2.0"}],"aliases":["CVE-2024-35226","GHSA-4rmg-292m-wg3w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3yk-8fmf-x7fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40249?format=json","vulnerability_id":"VCID-d7cx-7mkv-3qhe","summary":"Path Traversal\n`Smarty_Security::isTrustedResourceDir()` in Smarty is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13982","reference_id":"","reference_type":"","scores":[{"value":"0.02331","scoring_system":"epss","scoring_elements":"0.85129","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02331","scoring_system":"epss","scoring_elements":"0.85158","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02331","scoring_system":"epss","scoring_elements":"0.85153","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13982"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-13982.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-13982.yaml"},{"reference_url":"https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180420-01_Smarty_Path_Traversal","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180420-01_Smarty_Path_Traversal"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/2e081a51b1effddb23f87952959139ac62654d50","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/2e081a51b1effddb23f87952959139ac62654d50"},{"reference_url":"https://github.com/smarty-php/smarty/commit/8d21f38dc35c4cd6b31c2f23fc9b8e5adbc56dfe","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/8d21f38dc35c4cd6b31c2f23fc9b8e5adbc56dfe"},{"reference_url":"https://github.com/smarty-php/smarty/commit/bcedfd6b58bed4a7366336979ebaa5a240581531","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/bcedfd6b58bed4a7366336979ebaa5a240581531"},{"reference_url":"https://github.com/smarty-php/smarty/commit/c9dbe1d08c081912d02bd851d1d1b6388f6133d1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/c9dbe1d08c081912d02bd851d1d1b6388f6133d1"},{"reference_url":"https://github.com/smarty-php/smarty/commit/f9ca3c63d1250bb56b2bda609dcc9dd81f0065f8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/f9ca3c63d1250bb56b2bda609dcc9dd81f0065f8"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00015.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13982","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13982"},{"reference_url":"https://github.com/advisories/GHSA-7gfx-wxfh-7rvm","reference_id":"GHSA-7gfx-wxfh-7rvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7gfx-wxfh-7rvm"},{"reference_url":"https://usn.ubuntu.com/5348-1/","reference_id":"USN-5348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5348-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56421?format=json","purl":"pkg:composer/smarty/smarty@3.1.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"},{"vulnerability":"VCID-qnee-xruu-sfb1"},{"vulnerability":"VCID-xmrr-2jyf-5yhj"},{"vulnerability":"VCID-zgxx-cfyu-1ffy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.33"}],"aliases":["CVE-2018-13982","GHSA-7gfx-wxfh-7rvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d7cx-7mkv-3qhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101016?format=json","vulnerability_id":"VCID-h2k4-cqfq-sbhw","summary":"In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25047","reference_id":"","reference_type":"","scores":[{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70684","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70651","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70694","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70701","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25047"},{"reference_url":"https://bugs.gentoo.org/870100","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.gentoo.org/870100"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25047"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-25047.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-25047.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/55ea25d1f50f0406fb1ccedd212c527977793fc9","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/55ea25d1f50f0406fb1ccedd212c527977793fc9"},{"reference_url":"https://github.com/smarty-php/smarty/issues/454","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/issues/454"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.47","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.47"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v4.2.1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/releases/tag/v4.2.1"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00002.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25047","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25047"},{"reference_url":"https://security.gentoo.org/glsa/202209-09","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202209-09"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019896","reference_id":"1019896","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019896"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019897","reference_id":"1019897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019897"},{"reference_url":"https://github.com/advisories/GHSA-hwq7-5vv9-c6cf","reference_id":"GHSA-hwq7-5vv9-c6cf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hwq7-5vv9-c6cf"},{"reference_url":"https://usn.ubuntu.com/7158-1/","reference_id":"USN-7158-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7158-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145718?format=json","purl":"pkg:composer/smarty/smarty@3.1.47","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.47"},{"url":"http://public2.vulnerablecode.io/api/packages/145720?format=json","purl":"pkg:composer/smarty/smarty@4.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.2.1"}],"aliases":["CVE-2018-25047","GHSA-hwq7-5vv9-c6cf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2k4-cqfq-sbhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42016?format=json","vulnerability_id":"VCID-jhg5-tdyz-uyh4","summary":"Improper Input Validation\nSmarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. A vulnerability was found that may allow template authors could run restricted static php methods.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21408","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64968","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64966","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64926","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64978","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-21408.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-21408.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.43","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.43"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v4.0.3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://github.com/smarty-php/smarty/releases/tag/v4.0.3"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/"},{"reference_url":"https://security.gentoo.org/glsa/202209-09","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://security.gentoo.org/glsa/202209-09"},{"reference_url":"https://www.debian.org/security/2022/dsa-5151","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://www.debian.org/security/2022/dsa-5151"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010375","reference_id":"1010375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010375"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/","reference_id":"BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21408","reference_id":"CVE-2021-21408","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21408"},{"reference_url":"https://github.com/advisories/GHSA-4h9c-v5vg-5m6m","reference_id":"GHSA-4h9c-v5vg-5m6m","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4h9c-v5vg-5m6m"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-4h9c-v5vg-5m6m","reference_id":"GHSA-4h9c-v5vg-5m6m","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-4h9c-v5vg-5m6m"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/","reference_id":"L777JIBIWJV34HS7LXPIDWASG7TT4LNI","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/"},{"reference_url":"https://usn.ubuntu.com/5348-1/","reference_id":"USN-5348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5348-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-2/","reference_id":"USN-USN-5348-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-2/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-3/","reference_id":"USN-USN-5348-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60089?format=json","purl":"pkg:composer/smarty/smarty@3.1.43","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.43"},{"url":"http://public2.vulnerablecode.io/api/packages/550650?format=json","purl":"pkg:composer/smarty/smarty@4.0.0-rc.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.0.0-rc.0"},{"url":"http://public2.vulnerablecode.io/api/packages/60090?format=json","purl":"pkg:composer/smarty/smarty@4.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/215090?format=json","purl":"pkg:composer/smarty/smarty@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.3.3"}],"aliases":["CVE-2021-21408","GHSA-4h9c-v5vg-5m6m"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jhg5-tdyz-uyh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42013?format=json","vulnerability_id":"VCID-mmfc-us8q-xbha","summary":"Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')\nSmarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29454","reference_id":"","reference_type":"","scores":[{"value":"0.00643","scoring_system":"epss","scoring_elements":"0.71074","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00643","scoring_system":"epss","scoring_elements":"0.71064","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00643","scoring_system":"epss","scoring_elements":"0.71081","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00643","scoring_system":"epss","scoring_elements":"0.71031","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-29454.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-29454.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.42","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.42"},{"reference_url":"https://github.com/smarty-php/smarty/releases/tag/v4.0.2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://github.com/smarty-php/smarty/releases/tag/v4.0.2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/"},{"reference_url":"https://packagist.org/packages/smarty/smarty","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://packagist.org/packages/smarty/smarty"},{"reference_url":"https://security.gentoo.org/glsa/202209-09","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://security.gentoo.org/glsa/202209-09"},{"reference_url":"https://www.debian.org/security/2022/dsa-5151","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://www.debian.org/security/2022/dsa-5151"},{"reference_url":"https://www.smarty.net/docs/en/language.function.math.tpl","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://www.smarty.net/docs/en/language.function.math.tpl"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010375","reference_id":"1010375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010375"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/","reference_id":"BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29454","reference_id":"CVE-2021-29454","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29454"},{"reference_url":"https://github.com/advisories/GHSA-29gp-2c3m-3j6m","reference_id":"GHSA-29gp-2c3m-3j6m","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-29gp-2c3m-3j6m"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m","reference_id":"GHSA-29gp-2c3m-3j6m","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/","reference_id":"L777JIBIWJV34HS7LXPIDWASG7TT4LNI","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:57:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/"},{"reference_url":"https://usn.ubuntu.com/5348-1/","reference_id":"USN-5348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5348-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-2/","reference_id":"USN-USN-5348-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-2/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-3/","reference_id":"USN-USN-5348-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60081?format=json","purl":"pkg:composer/smarty/smarty@3.1.42","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.42"},{"url":"http://public2.vulnerablecode.io/api/packages/60082?format=json","purl":"pkg:composer/smarty/smarty@4.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.0.2"}],"aliases":["CVE-2021-29454","GHSA-29gp-2c3m-3j6m"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mmfc-us8q-xbha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46112?format=json","vulnerability_id":"VCID-qnee-xruu-sfb1","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41661","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2525","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25234","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25184","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41661"},{"reference_url":"https://patchstack.com/database/vulnerability/smarty-for-wordpress/wordpress-smarty-for-wordpress-plugin-3-1-35-cross-site-scripting-xss-vulnerability?_s_id=cve","reference_id":"","reference_type":"","scores":[],"url":"https://patchstack.com/database/vulnerability/smarty-for-wordpress/wordpress-smarty-for-wordpress-plugin-3-1-35-cross-site-scripting-xss-vulnerability?_s_id=cve"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41661","reference_id":"CVE-2023-41661","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41661"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67148?format=json","purl":"pkg:composer/smarty/smarty@3.1.36","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"},{"vulnerability":"VCID-xmrr-2jyf-5yhj"},{"vulnerability":"VCID-zgxx-cfyu-1ffy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.36"}],"aliases":["CVE-2023-41661"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qnee-xruu-sfb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37767?format=json","vulnerability_id":"VCID-rr48-d56n-hugj","summary":"Secure mode bypass\nScript language=\"php\" HTML tags are interpreted even in secure mode. This may allow a remote attacker to bypass secure mode's intended restrictions and execute arbitrary PHP code.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0468.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://advisories.mageia.org/MGASA-2014-0468.html"},{"reference_url":"http://osvdb.org/show/osvdb/113683","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/show/osvdb/113683"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8350","reference_id":"","reference_type":"","scores":[{"value":"0.00473","scoring_system":"epss","scoring_elements":"0.65099","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00473","scoring_system":"epss","scoring_elements":"0.651","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00473","scoring_system":"epss","scoring_elements":"0.65111","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00473","scoring_system":"epss","scoring_elements":"0.65058","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8350"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765920","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765920"},{"reference_url":"https://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt?r=4902","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt?r=4902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8350"},{"reference_url":"http://seclists.org/oss-sec/2014/q4/420","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2014/q4/420"},{"reference_url":"http://seclists.org/oss-sec/2014/q4/421","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2014/q4/421"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/97725","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/97725"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8350","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8350"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:221","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:221"},{"reference_url":"http://www.securityfocus.com/bid/70708","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/70708"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52026?format=json","purl":"pkg:composer/smarty/smarty@3.1.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-3xs3-13we-6ffu"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-d7cx-7mkv-3qhe"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"},{"vulnerability":"VCID-qnee-xruu-sfb1"},{"vulnerability":"VCID-vnb9-5w8q-r3bd"},{"vulnerability":"VCID-xmrr-2jyf-5yhj"},{"vulnerability":"VCID-zgxx-cfyu-1ffy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.21"}],"aliases":["CVE-2014-8350","GHSA-2pmx-6mm6-6v72"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rr48-d56n-hugj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40226?format=json","vulnerability_id":"VCID-vnb9-5w8q-r3bd","summary":"Path Traversal\nSmarty allows attackers to bypass the `trusted_dir` protection mechanism via a `/../` substring in an `include` statement.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16831","reference_id":"","reference_type":"","scores":[{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58445","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58436","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58389","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16831"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-16831.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2018-16831.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/commit/f9ca3c63d1250bb56b2bda609dcc9dd81f0065f8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/f9ca3c63d1250bb56b2bda609dcc9dd81f0065f8"},{"reference_url":"https://github.com/smarty-php/smarty/issues/486","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/issues/486"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908698","reference_id":"908698","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908698"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16831","reference_id":"CVE-2018-16831","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16831"},{"reference_url":"https://usn.ubuntu.com/5348-1/","reference_id":"USN-5348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5348-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56421?format=json","purl":"pkg:composer/smarty/smarty@3.1.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"},{"vulnerability":"VCID-qnee-xruu-sfb1"},{"vulnerability":"VCID-xmrr-2jyf-5yhj"},{"vulnerability":"VCID-zgxx-cfyu-1ffy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.33"},{"url":"http://public2.vulnerablecode.io/api/packages/215090?format=json","purl":"pkg:composer/smarty/smarty@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3yk-8fmf-x7fw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@4.3.3"}],"aliases":["CVE-2018-16831","GHSA-65j5-vpm7-6xp4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnb9-5w8q-r3bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54095?format=json","vulnerability_id":"VCID-xmrr-2jyf-5yhj","summary":"Code Injection\nSmarty allows code injection via an unexpected function name after a `{function name=` substring.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26120","reference_id":"","reference_type":"","scores":[{"value":"0.7558","scoring_system":"epss","scoring_elements":"0.98919","published_at":"2026-06-06T12:55:00Z"},{"value":"0.7558","scoring_system":"epss","scoring_elements":"0.98918","published_at":"2026-06-07T12:55:00Z"},{"value":"0.7558","scoring_system":"epss","scoring_elements":"0.98916","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26120"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26120","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26120"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-26120.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-26120.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md"},{"reference_url":"https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md#3139---2021-02-17","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md#3139---2021-02-17"},{"reference_url":"https://github.com/smarty-php/smarty/commit/165f1bd4d2eec328cfeaca517a725b46001de838","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/commit/165f1bd4d2eec328cfeaca517a725b46001de838"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-3rpf-5rqv-689q","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-3rpf-5rqv-689q"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html"},{"reference_url":"https://security.gentoo.org/glsa/202105-06","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202105-06"},{"reference_url":"https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html"},{"reference_url":"https://www.debian.org/security/2022/dsa-5151","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5151"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-26120","reference_id":"CVE-2021-26120","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-26120"},{"reference_url":"https://github.com/advisories/GHSA-3rpf-5rqv-689q","reference_id":"GHSA-3rpf-5rqv-689q","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3rpf-5rqv-689q"},{"reference_url":"https://usn.ubuntu.com/5348-1/","reference_id":"USN-5348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5348-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-2/","reference_id":"USN-USN-5348-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-2/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-3/","reference_id":"USN-USN-5348-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79805?format=json","purl":"pkg:composer/smarty/smarty@3.1.39","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.39"}],"aliases":["CVE-2021-26120","GHSA-3rpf-5rqv-689q"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xmrr-2jyf-5yhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54097?format=json","vulnerability_id":"VCID-zgxx-cfyu-1ffy","summary":"Trust Boundary Violation\nSmarty allows a Sandbox Escape because `$smarty.template_object` can be accessed in sandbox mode.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26119","reference_id":"","reference_type":"","scores":[{"value":"0.62613","scoring_system":"epss","scoring_elements":"0.98396","published_at":"2026-06-04T12:55:00Z"},{"value":"0.62613","scoring_system":"epss","scoring_elements":"0.984","published_at":"2026-06-07T12:55:00Z"},{"value":"0.62613","scoring_system":"epss","scoring_elements":"0.98401","published_at":"2026-06-06T12:55:00Z"},{"value":"0.62613","scoring_system":"epss","scoring_elements":"0.98399","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26119"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-26119.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/smarty/smarty/CVE-2021-26119.yaml"},{"reference_url":"https://github.com/smarty-php/smarty","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty"},{"reference_url":"https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md"},{"reference_url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-w5hr-jm4j-9jvq","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-w5hr-jm4j-9jvq"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html"},{"reference_url":"https://security.gentoo.org/glsa/202105-06","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202105-06"},{"reference_url":"https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html"},{"reference_url":"https://www.debian.org/security/2022/dsa-5151","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5151"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-26119","reference_id":"CVE-2021-26119","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-26119"},{"reference_url":"https://github.com/advisories/GHSA-w5hr-jm4j-9jvq","reference_id":"GHSA-w5hr-jm4j-9jvq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w5hr-jm4j-9jvq"},{"reference_url":"https://usn.ubuntu.com/5348-1/","reference_id":"USN-5348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5348-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-2/","reference_id":"USN-USN-5348-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-2/"},{"reference_url":"https://usn.ubuntu.com/USN-5348-3/","reference_id":"USN-USN-5348-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5348-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79805?format=json","purl":"pkg:composer/smarty/smarty@3.1.39","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3829-yarc-yqh3"},{"vulnerability":"VCID-4dmb-dnk6-6qdd"},{"vulnerability":"VCID-a3yk-8fmf-x7fw"},{"vulnerability":"VCID-h2k4-cqfq-sbhw"},{"vulnerability":"VCID-jhg5-tdyz-uyh4"},{"vulnerability":"VCID-mmfc-us8q-xbha"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.39"}],"aliases":["CVE-2021-26119","GHSA-w5hr-jm4j-9jvq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgxx-cfyu-1ffy"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/smarty/smarty@3.1.15"}