Описание
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
Отчет
Not vulnerable. This issue did not affect the versions of rubygem-passenger as shipped with Red Hat OpenShift Enterprise 1.2 do not include the vulnerable code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Enterprise 1 | ruby193-rubygem-passenger | Not affected | ||
| OpenShift Enterprise 1 | rubygem-passenger | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=917925rubygem-passenger: untrusted apps Security check socket filenames reported by spawned application processes
2.1 Low
CVSS2
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 6 лет назад
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVSS3: 7.5
nvd
около 6 лет назад
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVSS3: 7.5
debian
около 6 лет назад
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to dele ...
CVSS3: 7.5
github
почти 4 года назад
RubyGems passenger gem allows remote attackers to delete files
2.1 Low
CVSS2