" in a template. ">

Oval Definition:	oval:com.ubuntu.cosmic:def:20148350000
Revision Date: 2014-11-03 Version: 1 Title: CVE-2014-8350 on Ubuntu 18.10 (cosmic) - medium. Description: Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-8350 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND Package Information NOT While related to the CVE in some way, the 'moodle' package in cosmic is not affected (note: 'uses system smarty'). OR The 'smarty3' package in cosmic is affected and needs fixing.
BACK