Vulnerabilities > Smarty > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-24 CVE-2022-29221 Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject
8.8
8.8
2022-01-10 CVE-2021-21408 Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject
8.8
8.8
2022-01-10 CVE-2021-29454 Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject
8.8
8.8
2021-02-22 CVE-2021-26119 Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.
network
low complexity
smarty debian
7.5
7.5
2018-09-18 CVE-2018-13982 Path Traversal vulnerability in multiple products
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization.
network
low complexity
smarty debian CWE-22
7.5
7.5