Sha256: 476033bfe9fc88f582fab1b5907bb0a136c691c4b125d47d6f59274b95e093c8

Contents?: true

Size: 505 Bytes

Versions: 5

Compression:

Stored size: 505 Bytes

Contents

---
gem: passenger
cve: 2014-1831
osvdb: 102613
url: http://osvdb.org/show/osvdb/102613
title: Phusion Passenger Server Instance Directory Creation Local Symlink File Overwrite
date: 2014-01-28
description: Phusion Passenger contains a flaw as the program creates the server instance
  directory insecurely. It is possible for a local attacker to use a symlink attack against
  the directory to cause the program to unexpectedly overwrite an arbitrary file.
cvss_v2: 2.1
patched_versions:
  - ">= 4.0.37"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/passenger/CVE-2014-1831.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/passenger/CVE-2014-1831.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/passenger/CVE-2014-1831.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/passenger/CVE-2014-1831.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/passenger/CVE-2014-1831.yml