rubygem-passenger (SUSE:Studio Onsite 1.3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Studio Onsite 1.3 package rubygem-passenger, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2016-10345 — CVSS 7.8 (high): In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local…
CVE-2013-2119 — CVSS 4.6 (medium): Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application…
CVE-2013-4136 — CVSS 4.4 (medium): ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the…
CVE-2015-7519 — CVSS 3.7 (low): agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or…
CVE-2017-1000384: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-16355. Reason: This candidate is a reservation duplicate of…