Lucene search
Veracode Vulnerability DatabaseVERACODE:5459HistoryNov 20, 2017 - 2:23 a.m.
Arbitrary File List Read
2017-11-2002:23:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
23.6%
passenger is vulnerable to arbitrary file list reading. If passenger is run as root, an attacker who has write access to an application can read a list of files contained within a directory.
| CPE | Name | Operator | Version |
|---|---|---|---|
| passenger | le | 5.1.10 | |
| passenger:bionic | eq | 5.0.30 |
Related
cve
cve
CVE-2017-16355
2017-12-14 22:29:00
CVE-2017-1000384
2017-12-15 10:29:00
redhatcve
redhatcve
CVE-2017-16355
2017-12-20 02:49:53
debian
debian
[SECURITY] [DSA 4415-1] passenger security update
2019-03-24 11:02:30
[SECURITY] [DSA 4415-1] passenger security update
2019-03-24 11:02:30
osv
osv
CVE-2017-16355
2017-12-14 22:29:00
Phusion Passenger information disclosure
2022-05-13 01:30:59
passenger - security update
2019-03-24 00:00:00
nvd
nvd
CVE-2017-16355
2017-12-14 22:29:00
CVE-2017-1000384
2017-12-15 10:29:00
cvelist
cvelist
CVE-2017-16355
2017-12-14 22:00:00
nessus
nessus
FreeBSD : rubygem-passenger -- arbitrary file read vulnerability (8cf25a29-e063-11e7-9b2c-001e672571bc)
2017-12-19 00:00:00
Debian DSA-4415-1 : passenger - security update
2019-03-25 00:00:00
Ubuntu 16.04 ESM : Phusion Passenger vulnerabilities (USN-5261-1)
2023-10-20 00:00:00
freebsd
freebsd
rubygem-passenger -- arbitrary file read vulnerability
2017-10-13 00:00:00
github
github
Phusion Passenger information disclosure
2022-05-13 01:30:59
debiancve
debiancve
CVE-2017-16355
2017-12-14 22:29:00
prion
prion
Design/Logic Flaw
2017-12-14 22:29:00
openvas
openvas
Debian: Security Advisory (DSA-4415-1)
2019-03-23 00:00:00
Ubuntu: Security Advisory (USN-5261-1)
2023-01-27 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0262-1)
2021-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2017-16355
2017-12-14 00:00:00
ubuntu
ubuntu
Phusion Passenger vulnerabilities
2022-02-01 00:00:00