{"id":"MGASA-2021-0335","summary":"Updated php-smarty package fixes security vulnerabilities","details":"Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object\ncan be accessed in sandbox mode (CVE-2021-26119).\n\nSmarty before 3.1.39 allows code injection via an unexpected function name\nafter a {function name= substring (CVE-2021-26120).\n","modified":"2026-04-16T00:12:30.515406216Z","published":"2021-07-10T20:00:34Z","upstream":["CVE-2021-26119","CVE-2021-26120"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0335.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28996"},{"type":"WEB","url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.39"},{"type":"WEB","url":"https://www.debian.org/lts/security/2021/dla-2618"}],"affected":[{"package":{"name":"php-smarty","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/php-smarty?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.1.39-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0335.json"}},{"package":{"name":"php-smarty","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php-smarty?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.1.39-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0335.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}