CVE-2010-4722
published 2011-02-03CVE-2010-4722: Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
PriorityP335critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
1.88%
76.9th percentile
Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
Affected
57 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | smarty3 | < smarty3 3.0.8-1 (bookworm) | smarty3 3.0.8-1 (bookworm) |
| smarty | smarty | <= 3.0.1 | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
| smarty | smarty | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2010-4722: smarty3 - Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown...
vendor_debian·2010·CVSS 10.0
CVE-2010-4722 [CRITICAL] CVE-2010-4722: smarty3 - Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown...
Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
Scope: local
bookworm: resolved (fixed in 3.0.8-1)
bullseye: resolved (fixed in 3.0.8-1)
forky: resolved (fixed in 3.0.8-1)
sid: resolved (fixed in 3.0.8-1)
trixie: resolved (fixed in 3.0.8-1)
GHSA
GHSA-h78c-5wx6-pc6r: Unspecified vulnerability in the fetch plugin in Smarty before 3
ghsa_unreviewed·2022-05-17
CVE-2010-4722 [HIGH] GHSA-h78c-5wx6-pc6r: Unspecified vulnerability in the fetch plugin in Smarty before 3
Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
OSV
CVE-2010-4722: Unspecified vulnerability in the fetch plugin in Smarty before 3
osv·2011-02-03·CVSS 10.0
CVE-2010-4722 [CRITICAL] CVE-2010-4722: Unspecified vulnerability in the fetch plugin in Smarty before 3
Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [fedora-all]
bugzilla·2011-10-25·CVSS 10.0
CVE-2010-4722 [CRITICAL] CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [fedora-all]
CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=748773
Please note: this issue affects multiple supporte
Bugzilla
CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [epel-6]
bugzilla·2011-10-25·CVSS 10.0
CVE-2010-4722 [CRITICAL] CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [epel-6]
CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [epel-6]
epel-6 tracking bug for php-Smarty: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Adding parent bug CVE-2010-4726
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=748773,748887
---
Security fixes were included in 2.x branch with the release of 2.6.27.
Bugzilla
CVE-2010-4722 php-Smarty: Unspecified vulnerability in fetch plugin in Smarty before 3.0.2
bugzilla·2011-10-25·CVSS 10.0
CVE-2010-4722 [CRITICAL] CVE-2010-4722 php-Smarty: Unspecified vulnerability in fetch plugin in Smarty before 3.0.2
CVE-2010-4722 php-Smarty: Unspecified vulnerability in fetch plugin in Smarty before 3.0.2
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-4722 to
the following vulnerability:
Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
References:
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4722
[2] http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt
Discussion:
Relevant Smarty Changelog entry:
===== Smarty 3.0.2 =====
12/11/2010
- reactivated $error_reporting property handling
- fixed typo in compile_continue
- fixed security in {fetch} plugin
- changed back plugin parameters to two. second is template object
with transparent access to Smarty object
- fixed {config_load} sc
Bugzilla
CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [epel-5]
bugzilla·2011-10-25·CVSS 10.0
CVE-2010-4722 [CRITICAL] CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [epel-5]
CVE-2010-4722 CVE-2010-4726 php-Smarty various flaws [epel-5]
epel-5 tracking bug for php-Smarty: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Adding parent bug CVE-2010-4726
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=748773,748887
---
Security fixes were included in 2.x branch with the release of 2.6.27.
2011-02-03
Published