阿里云漏洞库

Smarty是基于PHP的模板引擎，有助于将表示 (HTML/CSS) 与应用程序逻辑分离。

Smarty 3.1.45之前的3.1.x版本以及4.1.1之前的4.1.x版本存在代码注入漏洞，远程攻击者利用该漏洞可以发送专门编写的请求，并在目标系统上执行任意PHP代码。

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

http://github.com/smarty-php/smarty/releases/tag/v4.1.1

参考链接
https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd
https://github.com/smarty-php/smarty/releases/tag/v3.1.45
https://github.com/smarty-php/smarty/releases/tag/v4.1.1
https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
https://lists.debian.org/debian-lts-announce/2022/05/msg00044.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://security.gentoo.org/glsa/202209-09
https://www.debian.org/security/2022/dsa-5151

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	smarty	smarty	*		Up to (excluding) 3.1.45
	运行在以下环境
	应用	smarty	smarty	*	From (including) 4.0.0	Up to (excluding) 4.1.1
	运行在以下环境
	系统	debian_10	smarty3	*		Up to (excluding) 3.1.33+20180830.1.3a78a21f+selfpack1-1+deb10u1
	运行在以下环境
	系统	debian_11	smarty3	*		Up to (excluding) 3.1.39-2+deb11u1
	运行在以下环境
	系统	debian_12	smarty3	*		Up to (excluding) 3.1.45-1
	运行在以下环境
	系统	debian_9	smarty3	*		Up to (excluding) 3.1.31+20161214.1.c7d42e4+selfpack1-2+deb9u6
	运行在以下环境
	系统	fedora_36	php-Smarty	*		Up to (excluding) 3.1.47-1.fc36
	运行在以下环境
	系统	fedora_37	php-Smarty	*		Up to (excluding) 3.1.47-1.fc37
	运行在以下环境
	系统	fedora_EPEL_7	php-Smarty	*		Up to (excluding) 3.1.47-1.el7
	运行在以下环境
	系统	ubuntu_22.04	smarty3	*		Up to (excluding) 3.1.39-2ubuntu1.22.04.1
	运行在以下环境
	系统	ubuntu_22.10	smarty3	*		Up to (excluding) 3.1.39-2ubuntu1.22.10.1

CWE-ID	漏洞类型
CWE-94	对生成代码的控制不恰当（代码注入）