Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Passenger
(Phusion)| Repositories | https://github.com/phusion/passenger |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-02-19 | CVE-2014-1831 | Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. | Passenger | N/A | ||
| 2013-09-30 | CVE-2013-4136 | ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/. | Passenger | N/A |