Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1
CVE-2014-1831
- EPSS 0.07%
- Published 19.02.2015 15:59:02
- Last modified 12.04.2025 10:46:40
Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file.
4.6
CVE-2013-2119
- EPSS 0.06%
- Published 03.01.2014 18:54:11
- Last modified 11.04.2025 00:51:21
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tm...
4.4
CVE-2013-4136
- EPSS 0.04%
- Published 30.09.2013 21:55:07
- Last modified 11.04.2025 00:51:21
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.