4 matches found
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
Summary of CVE-2018-12027 (Phusion Passenger) : This vulnerability affects Phusion Passenger 5.3.x before 5.3.2, specifically the SpawningKit component. If a Passenger-spawned application reports a Unix domain socket and any parent directory of that socket is writable by a non‑application user, t...