Lucene search
+L

12 matches found

susecve
susecve
added 2023/02/15 5:39 a.m.2 views

SUSE CVE-2013-2119

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...

4.6CVSS6.7AI score0.004EPSS
Exploits0References6
openvas
openvas
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2013-0205)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS6.5AI score0.004EPSS
Exploits0References7
nessus
nessus
added 2018/12/04 12:0 a.m.31 views

RHEL 6 : rubygem-passenger (RHSA-2013:1136)

Updated rubygem-passenger packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

4.6CVSS6.3AI score0.004EPSS
Exploits0References5
cve
cve
added 2014/01/02 9:0 p.m.107 views

CVE-2013-2119

Phusion Passenger gem vulnerability (CVE-2013-2119) affects Phusion Passenger for Ruby, specifically the gem versions before 3.0.21 and 4.0.x before 4.0.5. The issue arises from insecure handling of temporary directories/files in /tmp, where a local attacker can pre-create a predictable temporary...

4.6CVSS6.3AI score0.004EPSS
Exploits0References4Affected Software1
redhat
redhat
added 2013/08/05 3:48 p.m.65 views

Moderate: Red Hat Security Advisory: rubygem-passenger security update

Updated rubygem-passenger packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

4.6CVSS6.5AI score0.004EPSS
Exploits0References3
openvas
openvas
added 2013/08/01 12:0 a.m.24 views

Fedora Update for rubygem-passenger FEDORA-2013-13234

Check for the Version of rubygem-passenger OpenVAS Vulnerability Test Fedora Update for rubygem-passenger FEDORA-2013-13234 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

4.6CVSS0.1AI score0.004EPSS
Exploits0References2
openvas
openvas
added 2013/08/01 12:0 a.m.25 views

Fedora Update for rubygem-passenger FEDORA-2013-13234

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4AI score
Exploits0References2
nessus
nessus
added 2013/07/12 12:0 a.m.28 views

Fedora 17 : rubygem-passenger-3.0.21-1.fc17 (2013-9771)

Update to version 3.0.21 - Fix for CVE-2013-2119 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

4.6CVSS5.6AI score0.004EPSS
Exploits0References3
osv
osv
added 2013/07/09 6:27 p.m.11 views

MGASA-2013-0205 Updated rubygem-passenger package fixes CVE-2013-2119

Phusion Passengers code did not always create temporary files and directories in a secure manner. Temporary files and directories were sometimes created with a predictable filename. A local attacker can pre-create temporary files, resulting in a denial of service. In addition, this vulnerability...

4.6CVSS4.4AI score0.004EPSS
Exploits0References6
mageia
mageia
added 2013/07/09 6:27 p.m.35 views

Updated rubygem-passenger package fixes CVE-2013-2119

Phusion Passengers code did not always create temporary files and directories in a secure manner. Temporary files and directories were sometimes created with a predictable filename. A local attacker can pre-create temporary files, resulting in a denial of service. In addition, this vulnerability...

4.6CVSS3.6AI score0.004EPSS
Exploits0References5
openvas
openvas
added 2013/06/13 12:0 a.m.24 views

Fedora Update for rubygem-passenger FEDORA-2013-9789

Check for the Version of rubygem-passenger OpenVAS Vulnerability Test Fedora Update for rubygem-passenger FEDORA-2013-9789 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

4.6CVSS0.004EPSS
Exploits0References2
rubygems
rubygems
added 2013/05/29 12:0 a.m.40 views

CVE-2013-2119 rubygem-passenger: incorrect temporary file usage

Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service prevent application start or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem...

4.6CVSS6.2AI score0.004EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder