smarty/smarty vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2024-35226Highsmarty/smarty: Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tagCVE-2023-28447Highsmarty/smarty: smarty Cross-site Scripting vulnerability in Javascript escaping CVE-2018-25047Mediumsmarty/smarty: Smarty Cross-site Scripting vulnerability in pages that use smarty_function_mailtoCVE-2022-29221Highsmarty/smarty: PHP Code Injection by malicious block or filename in SmartyCVE-2012-4437Mediumsmarty/smarty: Cross-site Scripting in SmartyExceptionCVE-2014-8350Highsmarty/smarty: Smarty arbitrary PHP code executionCVE-2017-1000480Criticalsmarty/smarty: Smarty PHP code injectionCVE-2018-16831Mediumsmarty/smarty: Smarty Path Traversal VulnerabilityCVE-2018-13982Highsmarty/smarty: Smarty Path Traversal VulnerabilityCVE-2009-5054Mediumsmarty/smarty: Smarty Does Not Consider Umask Values When Setting PermissionsCVE-2011-1028Criticalsmarty/smarty: Smarty3 Arbitrary PHP Code ExecutionCVE-2021-21408Highsmarty/smarty: Access to restricted PHP code by dynamic static class access in smartyCVE-2021-29454Highsmarty/smarty: Sandbox Escape by math function in smartyCVE-2021-26119Highsmarty/smarty: Sandbox escape through template_object in smartyCVE-2021-26120Criticalsmarty/smarty: PHP Code Injection by malicious function name in smarty

Stop the waste.
Protect your environment with Kodem.