passenger 2.2.14
Predictable tmp File Path Vulnerability in Phusion Passenger
high severity CVE-2016-10345>= 5.1.0
In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.
RubyGems passenger gem allows remote attackers to delete files
high severity CVE-2012-6135< 4.0.0.rc4
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
Affects both open source and Enterprise versions (4.0.0.beta1, 4.0.0.beta2).
Phusion Passenger incorrect permission assignment
medium severity CVE-2018-12615>= 5.3.2
An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges.
Phusion Passenger information disclosure
medium severity CVE-2017-16355>= 5.1.11
In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.
Phusion Passenger Server allows to overwrite headers in some cases
medium severity CVE-2015-7519~> 4.0.60, >= 5.0.22
It is possible in some cases, for clients to overwrite headers set by the server, resulting in a medium level security issue. Passenger 5 uses an SCGI-inspired format to pass headers to Ruby/Python applications, while Passenger 4 uses an SCGI-inspired format to pass headers to all applications. This implies a conversion to UPPER_CASE_WITH_UNDERSCORES whereby the difference between characters like '-' and '_' is lost.
CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due toreuse of existing server instance directories
medium severity CVE-2013-4136>= 4.0.8
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.
CVE-2013-2119 rubygem-passenger: incorrect temporary file usage
medium severity CVE-2013-2119~> 3.0.21, >= 4.0.5
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.
CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files
low severity CVE-2014-1832>= 4.0.38
'Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831.'
CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files
low severity CVE-2014-1831>= 4.0.37
Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
Author did not declare license for this gem in the gemspec.
This gem version has a MIT license in the source code, however it was not declared in the gemspec file.
This gem version is available.
This gem version has not been yanked and is still available for usage.