It exists that Smarty was incorrectly validating security policy data, allowing the execution of static classes even when not permitted by the security settings. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-21408)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
smarty smarty |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |