{"id":"MGASA-2022-0226","summary":"Updated php-smarty packages fix security vulnerability","details":"Template authors could inject php code by choosing a malicious {block}\nname or {include} file name. (CVE-2022-29221)\n","modified":"2026-04-16T00:12:13.716014476Z","published":"2022-06-13T20:44:20Z","upstream":["CVE-2022-29221"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0226.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30495"},{"type":"WEB","url":"https://www.debian.org/security/2022/dsa-5151"},{"type":"ADVISORY","url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c"},{"type":"WEB","url":"https://github.com/smarty-php/smarty/releases/tag/v4.1.1"}],"affected":[{"package":{"name":"php-smarty","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php-smarty?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.1-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0226.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}