CVE-2016-10345

Опубликовано: 18 апр. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.6

CVSS3: 7.8

Описание

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
cosmic	ignored	end of life
devel	not-affected
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	not-affected
esm-apps/focal	not-affected
esm-apps/jammy	needs-triage
esm-apps/noble	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 20%

0.00064

Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2016-10345

CVSS3: 5.5

redhat

около 9 лет назад

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

CVE-2016-10345

CVSS3: 7.8

nvd

почти 9 лет назад

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.

CVE-2016-10345

CVSS3: 7.8

debian

почти 9 лет назад

In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ...

GHSA-cqxw-3p7v-p9gr

CVSS3: 7.8

github

больше 7 лет назад

Phusion Passenger uses a known /tmp filename

EPSS

Процентиль: 20%

0.00064

Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3

CVE-2016-10345

Описание

Пакет passenger

Ссылки на источники

Связанные уязвимости