USN-5348-3 smarty3 vulnerabilities

USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454 for Ubuntu 20.04 ESM. Original advisory details: David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths prese...

PT-2021-23930 · Unknown · @Backstage/Plugin-Scaffolder-Backend

Name of the Vulnerable Software and Affected Versions: @backstage/plugin-scaffolder-backend versions prior to 0.15.14 Description: A malicious actor with write access to a registered scaffolder template can manipulate the template to write files to arbitrary paths on the scaffolder-backend host...