CVE-2021-21408: Merge pull request from GHSA-4h9c-v5vg-5m6m · smarty-php/smarty@19ae410

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could call static PHP methods that the security policy was meant to restrict. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch.

@@ -257,19 +257,41 @@ public function testTrustedStaticClass() $this->assertEquals(‘25’, $this->smarty->fetch($tpl)); }
/** * test not trusted PHP function * @runInSeparateProcess * @preserveGlobalState disabled */ public function testNotTrustedStaticClass() { /** * test not trusted PHP function * @runInSeparateProcess * @preserveGlobalState disabled */ public function testNotTrustedStaticClass() { $this->expectException(‘SmartyException’); $this->expectExceptionMessage(‘access to static class \’mysecuritystaticclass\’ not allowed by security setting’); $this->smarty->security_policy->static_classes = array(‘null’); $this->smarty->fetch(‘string:{mysecuritystaticclass::square(5)}’); }
/** * test not trusted PHP function */ public function testNotTrustedStaticClassEval() { $this->expectException(‘SmartyException’); $this->expectExceptionMessage(‘dynamic static class not allowed by security setting’); $this->smarty->security_policy->static_classes = array(‘null’); $this->smarty->fetch(‘string:{$test = "mysecuritystaticclass"}{$test::square(5)}’); }
/** * test not trusted PHP function */ public function testNotTrustedStaticClassSmartyVar() { $this->expectException(‘SmartyException’); $this->expectExceptionMessage(‘dynamic static class not allowed by security setting’); $this->smarty->security_policy->static_classes = array(‘null’); $this->smarty->fetch(‘string:{$smarty.template_object::square(5)}’); }
public function testChangedTrustedDirectory() { $this->smarty->security_policy->secure_dir = array(
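Review bot: The two new tests, testNotTrustedStaticClassEval and testNotTrustedStaticClassSmartyVar, reuse the docblock "test not trusted PHP function" verbatim from testNotTrustedStaticClass, although they exercise a different path (a class name supplied through a template variable and through $smarty.template_object, both expected to fail with "dynamic static class not allowed by security setting"); the comments should say so. They also drop the @runInSeparateProcess and @preserveGlobalState disabled annotations that the neighbouring testNotTrustedStaticClass carries, so either add them for consistency or note why process isolation is not needed here. Finally, both tests only cover the case where static_classes is set to array('null'); a companion case in which the target class is listed in static_classes would confirm that dynamic class resolution is rejected regardless of the allow-list, which is the property the fix is meant to guarantee.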

Related news

Gentoo Linux Security Advisory 202209-09

Gentoo Linux Security Advisory 202209-9 - Multiple vulnerabilities have been found in Smarty, the worst of which could result in remote code execution. Versions less than 4.2.1 are affected.

CVE-2021-26119: smarty/CHANGELOG.md at master · smarty-php/smarty

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.