{"id":"CVE-2009-5054","details":"Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations.","aliases":["GHSA-6m9f-8vwq-97pm"],"modified":"2026-01-27T04:10:07.124494Z","published":"2011-02-03T17:00:01Z","withdrawn":"2026-01-27T04:10:07.124494Z","references":[{"type":"WEB","url":"http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt"}],"schema_version":"1.7.3"}