Phusion

phusion

14 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (14)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-26803 1Phusion 1Passenger Feb 28, 2025 Feb 24, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method.
CVE-2012-6135 2Phusion Redhat 2Openshift Passenger Nov 21, 2024 Nov 19, 2019 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVE-2018-12615 1Phusion 1Passenger Nov 21, 2024 Jun 21, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory)...Show more An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges.Show less
CVE-2018-12029 2Debian Phusion 2Debian Linux Passenger Nov 21, 2024 Jun 17, 2018 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is c...Show more A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but before it was chowned, leads to the target of the link being chowned via the path. Targeting sensitive files such as root's crontab file allows privilege escalation.Show less
CVE-2018-12028 1Phusion 1Passenger Nov 21, 2024 Jun 17, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back...Show more An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID.Show less
CVE-2018-12027 1Phusion 1Passenger Nov 21, 2024 Jun 17, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it li...Show more An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.Show less
CVE-2018-12026 1Phusion 1Passenger Nov 21, 2024 Jun 17, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory w...Show more During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation.Show less
CVE-2017-16355 2Debian Phusion 2Debian Linux Passenger May 13, 2026 Dec 14, 2017 N/A· v4 4.7 MEDIUM· v3 1.2 LOW· v2 In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary f...Show more In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.Show less
CVE-2016-10345 1Phusion 1Passenger May 13, 2026 Apr 18, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.
CVE-2014-1832 1Phusion 1Passenger May 6, 2026 Feb 19, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists because of an incomplete...Show more Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831.Show less
CVE-2014-1831 1Phusion 1Passenger May 6, 2026 Feb 19, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file.
CVE-2013-7134 1Phusion 1Juvia May 6, 2026 Apr 29, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.
CVE-2013-2119 2Phusion Redhat 2Openshift Passenger Apr 29, 2026 Jan 3, 2014 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory...Show more Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.Show less
CVE-2013-4136 1Phusion 1Passenger Apr 29, 2026 Sep 30, 2013 N/A· v4 N/A· v3 4.4 MEDIUM· v2 ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a pre...Show more ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.Show less