Lucene search
Veracode Vulnerability DatabaseVERACODE:6844HistoryJun 25, 2018 - 9:19 a.m.
Privilege Escalation
2018-06-2509:19:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.0004 Low
EPSS
Percentile
5.1%
Passenger is vulnerable to privilege escalations. The application contains a race condition when a file is created, the permission assignment is done with the file path rather than the file descriptor, leading to improper assignments of permissions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| passenger | le | 5.3.1 | |
| passenger:bionic | eq | 5.0.30 |
Related
prion
prion
Race condition
2018-06-17 20:29:00
github
github
Phusion Passenger Race Condition Allows Privilege Escalation
2022-05-14 01:27:14
debiancve
debiancve
CVE-2018-12029
2018-06-17 20:29:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:2039-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-1399-1)
2018-07-09 00:00:00
Ubuntu: Security Advisory (USN-5261-1)
2023-01-27 00:00:00
osv
osv
CVE-2018-12029
2018-06-17 20:29:00
Phusion Passenger Race Condition Allows Privilege Escalation
2022-05-14 01:27:14
passenger vulnerabilities
2022-02-01 17:55:14
cvelist
cvelist
CVE-2018-12029
2018-06-17 20:00:00
redhatcve
redhatcve
CVE-2018-12029
2018-06-19 00:49:33
ubuntucve
ubuntucve
CVE-2018-12029
2018-06-17 00:00:00
nvd
nvd
CVE-2018-12029
2018-06-17 20:29:00
cve
cve
CVE-2018-12029
2018-06-17 20:29:00
ubuntu
ubuntu
Phusion Passenger vulnerabilities
2022-02-01 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : Phusion Passenger vulnerabilities (USN-5261-1)
2023-10-20 00:00:00
Debian DLA-1399-1 : ruby-passenger security update
2018-06-28 00:00:00
GLSA-201807-02 : Passenger: Multiple Vulnerabilities
2018-07-23 00:00:00
debian
debian
[SECURITY] [DLA 1399-1] ruby-passenger security update
2018-06-27 19:39:46
gentoo
gentoo
Passenger: Multiple Vulnerabilities
2018-07-22 00:00:00