Vulnerabilities > Phusion > Passenger > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-19 CVE-2012-6135 Improper Input Validation vulnerability in multiple products
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
network
low complexity
phusion redhat CWE-20
6.4
2018-06-21 CVE-2018-12615 Incorrect Permission Assignment for Critical Resource vulnerability in Phusion Passenger
An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2.
network
low complexity
phusion CWE-732
5.0
2018-06-17 CVE-2018-12029 Race Condition vulnerability in multiple products
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured.
4.4
2018-06-17 CVE-2018-12028 Incorrect Permission Assignment for Critical Resource vulnerability in Phusion Passenger 5.3.0/5.3.1
An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager.
network
phusion CWE-732
6.8
2018-06-17 CVE-2018-12027 Information Exposure vulnerability in Phusion Passenger 5.3.0/5.3.1
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.
network
low complexity
phusion CWE-200
6.5
2017-04-18 CVE-2016-10345 Permissions, Privileges, and Access Controls vulnerability in Phusion Passenger
In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.
local
low complexity
phusion CWE-264
4.6
2013-09-30 CVE-2013-4136 Link Following vulnerability in Phusion Passenger
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.
4.4