{"id":"UBUNTU-CVE-2022-29221","details":"Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds.","modified":"2026-02-05T08:03:07.292610Z","published":"2022-05-24T15:15:00Z","related":["USN-6012-1","USN-6550-1"],"upstream":["CVE-2022-29221"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-29221"},{"type":"REPORT","url":"https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c"},{"type":"REPORT","url":"https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd"},{"type":"REPORT","url":"https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345"},{"type":"REPORT","url":"https://github.com/smarty-php/smarty/releases/tag/v3.1.45"},{"type":"REPORT","url":"https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd"},{"type":"REPORT","url":"https://github.com/smarty-php/smarty/releases/tag/v4.1.1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6012-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6550-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2022-29221"}],"affected":[{"package":{"name":"collabtive","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/collabtive@2.0+dfsg-6ubuntu1.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.0+dfsg-6","2.0+dfsg-6ubuntu1","2.0+dfsg-6ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"collabtive","binary_version":"2.0+dfsg-6ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"galette","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/galette@0.8+dfsg-1ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.8+dfsg-1","0.8+dfsg-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"galette","binary_version":"0.8+dfsg-1ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"gosa","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/gosa@2.7.4+reloaded2-9ubuntu1.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.4+reloaded2-2","2.7.4+reloaded2-5","2.7.4+reloaded2-6","2.7.4+reloaded2-7","2.7.4+reloaded2-8","2.7.4+reloaded2-9","2.7.4+reloaded2-9ubuntu1","2.7.4+reloaded2-9ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"gosa","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-desktop","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-dev","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-help-de","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-help-en","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-help-fr","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-help-nl","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-connectivity","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-dhcp","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-dhcp-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-dns","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-dns-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-fai","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-fai-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-gofax","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-gofon","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-goto","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-kolab","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-kolab-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-ldapmanager","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-mail","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-mit-krb5","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-mit-krb5-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-nagios","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-nagios-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-netatalk","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-opengroupware","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-openxchange","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-openxchange-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-opsi","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-phpgw","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-phpgw-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-phpscheduleit","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-phpscheduleit-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-pptp","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-pptp-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-pureftpd","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-pureftpd-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-rolemanagement","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-rsyslog","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-samba","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-scalix","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-squid","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-ssh","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-ssh-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-sudo","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-sudo-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-systems","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-uw-imap","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-plugin-webdav","binary_version":"2.7.4+reloaded2-9ubuntu1.1"},{"binary_name":"gosa-schema","binary_version":"2.7.4+reloaded2-9ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"smarty3","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/smarty3@3.1.21-1ubuntu1+esm1?arch=source&distro=esm-apps/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.1.21-1","3.1.21-1ubuntu1","3.1.21-1ubuntu1+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"smarty3","binary_version":"3.1.21-1ubuntu1+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"gosa","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/gosa@2.7.4+reloaded3-3?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.4+reloaded2-13ubuntu1","2.7.4+reloaded3-2ubuntu1","2.7.4+reloaded3-3"],"ecosystem_specific":{"binaries":[{"binary_name":"gosa","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-desktop","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-dev","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-help-de","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-help-en","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-help-fr","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-help-nl","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-connectivity","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-dhcp","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-dhcp-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-dns","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-dns-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-gofax","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-gofon","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-goto","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-kolab","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-kolab-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-ldapmanager","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-mail","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-mit-krb5","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-mit-krb5-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-nagios","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-nagios-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-netatalk","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-opengroupware","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-openxchange","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-openxchange-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-phpgw","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-phpgw-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-phpscheduleit","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-phpscheduleit-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-pptp","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-pptp-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-pureftpd","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-pureftpd-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-rolemanagement","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-rsyslog","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-samba","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-scalix","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-squid","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-ssh","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-ssh-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-sudo","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-sudo-schema","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-systems","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-uw-imap","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-plugin-webdav","binary_version":"2.7.4+reloaded3-3"},{"binary_name":"gosa-schema","binary_version":"2.7.4+reloaded3-3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/postfixadmin@3.0.2-2ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.2-2ubuntu0.1~esm1"}]}],"versions":["3.0.2-2"],"ecosystem_specific":{"binaries":[{"binary_name":"postfixadmin","binary_version":"3.0.2-2ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"smarty3","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/smarty3@3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.1.31+20161214.1.c7d42e4+selfpack1-2","3.1.31+20161214.1.c7d42e4+selfpack1-3","3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1","3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"smarty3","binary_version":"3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"gosa","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/gosa@2.7.4+reloaded3-11?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.4+reloaded3-10","2.7.4+reloaded3-10ubuntu1","2.7.4+reloaded3-11"],"ecosystem_specific":{"binaries":[{"binary_name":"gosa","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-desktop","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-dev","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-help-de","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-help-en","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-help-fr","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-help-nl","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-connectivity","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-dhcp","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-dhcp-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-dns","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-dns-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-gofax","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-gofon","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-goto","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-kolab","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-kolab-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-ldapmanager","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-mail","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-mit-krb5","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-mit-krb5-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-nagios","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-nagios-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-netatalk","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-opengroupware","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-openxchange","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-openxchange-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-phpgw","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-phpgw-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-phpscheduleit","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-phpscheduleit-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-pptp","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-pptp-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-pureftpd","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-pureftpd-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-rolemanagement","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-rsyslog","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-samba","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-scalix","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-squid","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-ssh","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-ssh-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-sudo","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-sudo-schema","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-systems","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-uw-imap","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-plugin-webdav","binary_version":"2.7.4+reloaded3-11"},{"binary_name":"gosa-schema","binary_version":"2.7.4+reloaded3-11"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/postfixadmin@3.2.1-3ubuntu0.1~esm1?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.2.1-3ubuntu0.1~esm1"}]}],"versions":["3.2.1-2","3.2.1-3"],"ecosystem_specific":{"binaries":[{"binary_name":"postfixadmin","binary_version":"3.2.1-3ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"smarty3","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/smarty3@3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1+esm1?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.1.33+20180830.1.3a78a21f+selfpack1-1","3.1.34+20190228.1.c9f0de05+selfpack1-1","3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1","3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1","3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"smarty3","binary_version":"3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"gosa","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gosa@2.7.4+reloaded3-16build1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.4+reloaded3-16build1"],"ecosystem_specific":{"binaries":[{"binary_name":"gosa","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-desktop","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-dev","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-help-de","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-help-en","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-help-fr","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-help-nl","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-connectivity","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-dhcp","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-dhcp-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-dns","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-dns-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-gofax","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-gofon","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-goto","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-kolab","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-kolab-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-ldapmanager","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-mail","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-mit-krb5","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-mit-krb5-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-nagios","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-nagios-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-netatalk","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-opengroupware","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-openxchange","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-openxchange-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-phpgw","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-phpgw-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-phpscheduleit","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-phpscheduleit-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-pptp","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-pptp-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-pureftpd","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-pureftpd-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-rolemanagement","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-rsyslog","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-samba","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-scalix","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-squid","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-ssh","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-ssh-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-sudo","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-sudo-schema","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-systems","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-uw-imap","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-plugin-webdav","binary_version":"2.7.4+reloaded3-16build1"},{"binary_name":"gosa-schema","binary_version":"2.7.4+reloaded3-16build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"smarty3","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/smarty3@3.1.39-2ubuntu1.22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.1.39-2ubuntu1.22.04.1"}]}],"versions":["3.1.39-2","3.1.39-2ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"smarty3","binary_version":"3.1.39-2ubuntu1.22.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/postfixadmin@3.3.10-2ubuntu0.1~esm1?arch=source&distro=esm-apps/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.10-2ubuntu0.1~esm1"}]}],"versions":["3.3.7-1","3.3.10-2"],"ecosystem_specific":{"binaries":[{"binary_name":"postfixadmin","binary_version":"3.3.10-2ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"gosa","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/gosa@2.8~git20230203.10abe45+dfsg-11?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.8~git20230203.10abe45+dfsg-8","2.8~git20230203.10abe45+dfsg-9","2.8~git20230203.10abe45+dfsg-10","2.8~git20230203.10abe45+dfsg-11"],"ecosystem_specific":{"binaries":[{"binary_name":"gosa","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-desktop","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-dev","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-help-de","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-help-en","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-help-fr","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-help-nl","binary_version":"2.8~git20230203.10abe45+dfsg-11"},{"binary_name":"gosa-schema","binary_version":"2.8~git20230203.10abe45+dfsg-11"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}},{"package":{"name":"gosa","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/gosa@2.8~git20230203.10abe45+dfsg-19?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.8~git20230203.10abe45+dfsg-18","2.8~git20230203.10abe45+dfsg-19"],"ecosystem_specific":{"binaries":[{"binary_name":"gosa","binary_version":"2.8~git20230203.10abe45+dfsg-19"},{"binary_name":"gosa-desktop","binary_version":"2.8~git20230203.10abe45+dfsg-19"},{"binary_name":"gosa-help-de","binary_version":"2.8~git20230203.10abe45+dfsg-19"},{"binary_name":"gosa-help-en","binary_version":"2.8~git20230203.10abe45+dfsg-19"},{"binary_name":"gosa-help-fr","binary_version":"2.8~git20230203.10abe45+dfsg-19"},{"binary_name":"gosa-help-nl","binary_version":"2.8~git20230203.10abe45+dfsg-19"},{"binary_name":"gosa-schema","binary_version":"2.8~git20230203.10abe45+dfsg-19"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-29221.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}