exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2017-16355

около 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

CVSS3: 4.7

EPSS: Низкий

CVE-2017-16355

больше 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

CVSS3: 4.7

EPSS: Низкий

CVE-2017-16355

около 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.

CVSS3: 4.7

EPSS: Низкий

CVE-2017-16355

около 8 лет назад

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...

CVSS3: 4.7

EPSS: Низкий

GHSA-cv3f-px9r-54hm

больше 3 лет назад

Phusion Passenger information disclosure

CVSS3: 4.7

EPSS: Низкий

BDU:2019-01588

больше 8 лет назад

Уязвимость веб-сервера Phusion Passenger, связанная с возможностью создания символической ссылки между REVISION и произвольным файлом в системе, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 5.3

EPSS: Низкий

SUSE-SU-2018:0262-1

около 8 лет назад

Security update for rubygem-passenger

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-16355 In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.	CVSS3: 4.7	0% Низкий	около 8 лет назад
CVE-2017-16355 In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.	CVSS3: 4.7	0% Низкий	больше 8 лет назад
CVE-2017-16355 In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root folder to a file of choice and querying passenger-status --show=xml.	CVSS3: 4.7	0% Низкий	около 8 лет назад
CVE-2017-16355 In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed ...	CVSS3: 4.7	0% Низкий	около 8 лет назад
GHSA-cv3f-px9r-54hm Phusion Passenger information disclosure	CVSS3: 4.7	0% Низкий	больше 3 лет назад
BDU:2019-01588 Уязвимость веб-сервера Phusion Passenger, связанная с возможностью создания символической ссылки между REVISION и произвольным файлом в системе, позволяющая нарушителю получить доступ к конфиденциальным данным	CVSS3: 5.3	0% Низкий	больше 8 лет назад
SUSE-SU-2018:0262-1 Security update for rubygem-passenger			около 8 лет назад

Уязвимостей на страницу