Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems passenger Security Advisories
Loading...
Critical
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: almost 2 years ago
GSA_kwCzR0hTQS03Y3YzLWd2bWMtOG1xNc4AAUCS
Phusion Passenger SpawningKit Contains Arbitrary Read/Write VulnerabilityEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13aGZ4LTg3N2MtNXAyOM4AASot
Insecure Permissions in Phusion PassengerEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1qamhqLThneDcteDgzNs4AASpe
Incorrect Access Control in Phusion PassengerEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: almost 2 years ago
High
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxeHctM3A3di1wOWdy
Phusion Passenger uses a known /tmp filenameEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 2 years ago
GSA_kwCzR0hTQS04bXc4LWo1ODMtdnFmZ81ADQ
RubyGems passenger gem allows remote attackers to delete filesEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 2 years ago
High
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1qamNqLWZnZm0tOWc5cs4AAUCZ
Phusion Passenger Race Condition Allows Privilege EscalationEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: almost 2 years ago
GSA_kwCzR0hTQS00Mjg0LWpmaGMtZjg1NM4AASqQ
Phusion Passenger incorrect permission assignmentEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: almost 2 years ago
Moderate
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1jdjNmLXB4OXItNTRobc4AAQ3b
Phusion Passenger information disclosureEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4d3YtOTUzcC03cXBm
Phusion Passenger allows remote attackers to spoof headersEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2cmMtcTM4Ny12cGdx
insecure temporary directory usage in passengerEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3OHctMnhjcC14ZzU5
Insecure use of temporary files in Phusion passengerEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxajctanZnNC1xcjJ4
Phusion Passenger Denial of ServiceEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3ajctcDVqcS0yNmZm
Insecure use of temporary files in passengerEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 2
Ecosystems: 12
Packages: 8,294
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
actionpack
57
nokogiri
42
rubygems-update
25
puppet
23
rack
22
activerecord
21
activesupport
14
publify_core
14
passenger
13
actionview
12
puma
11
rails
11
jquery-rails
10
fat_free_crm
10
org.webjars.npm:jquery
9
rails-html-sanitizer
9
jquery
9
jQuery
8
decidim
7
org.jruby:jruby-stdlib
7
jquery-ui
7
jQuery.UI.Combined
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
katello
6
loofah
6
ember-source
6
camaleon_cms
6
doorkeeper
6
bundler
5
sidekiq
5
spree
5
commonmarker
5
spree_auth_devise
5
webrick
4
sanitize
4
avo
4
grpcio
4
carrierwave
4
grpc
4
dragonfly
4
activestorage
4
fluentd
4
devise
4
sinatra
4
mail
4
rack-cors
3
gollum
3
openssl
3
rails_admin
3
resque
3
chartkick
3
io.grpc:grpc-protobuf
3
cgi
3
decidim-core
3
private_address_check
3
rest-client
3
rdoc
3
git
3
omniauth
3
ruby-saml
3
bootstrap
3
yard
3
bootstrap
3
json-jwt
3
geminabox
3
rubyzip
3
phlex
3
facter
2
logstash-core
2
pageflow
2
git-fastclone
2
ox
2
httparty
2
json
2
VladTheEnterprising
2
bson
2
devise-two-factor
2
net-ldap
2
twitter-bootstrap-rails
2
mini_magick
2
paperclip
2
pdfkit
2
omniauth-facebook
2
yajl-ruby
2
safemode
2
ruby-openid
2
bootstrap-sass
2
mapbox-rails
2
mapbox.js
2
secure_headers
2
sprockets
2
faye
2
sup
2
echor
2
field_test
2
i18n
2
kramdown
2
uri
2
spina
2
view_component
2
solidus_core
2
redcarpet
2
solidus_frontend
2
radiant
2
cocoapods-downloader
2
pyarrow
2
red-arrow
2
activeadmin
2
google-protobuf
2
com.google.protobuf:protobuf-kotlin
2
com.google.protobuf:protobuf-java
2
qiita-markdown
2
decidim-templates
2
pghero
2
user_agent_parser
2
mechanize
2
administrate
2
blazer
1
solidus_auth_devise
1
kaminari
1
rmagick
1
solidus_backend
1
github.com/github/hub
1
hub
1
websocket-extensions
1
railties
1
foreman_ansible
1
gitlab-grit
1
geokit-rails
1
multi_xml
1
keynote
1
twitter-stream
1
pysha3
1
sha3
1
cap-strap
1
ruby-jss
1
rack-mini-profiler
1
hiera
1
mcollective-client
1
wicked
1
actionmailer
1
kelredd-pruview
1
sqlite3-ruby
1
thin
1
matestack-ui-core
1
restforce
1
ruby_parser
1
better_errors
1
mongrel
1
unpoly-rails
1
bindata
1
oxidized-web
1
github.com/pubnub/swift
1
pubnub
1
pubnub
1
pubnub/pubnub
1
pubnub
1
pubnub
1
Pubnub
1
github.com/pubnub/go/v5
1
github.com/pubnub/go/v6
1
github.com/pubnub/go
1
github.com/pubnub/go/v7
1
com.pubnub:pubnub
1
rubocop
1
ruby-mysql
1
gtk2
1
rotp
1
@turbo-boost/commands
1
turbo_boost-commands
1
stringio
1
discordrb
1
diffy
1
recurly
1
md2pdf
1
sounder
1
date
1
octopoller
1
paratrooper-newrelic
1
jmespath
1
trilogy
1
sentry-raven
1
devise_invitable
1
ftpd
1
tweetstream
1
flash_tool
1
lean-ruport
1
openshift-origin-node
1
point-cli
1
govuk_tech_docs
1
audited
1
omniauth-apple
1
spree_api
1
omniauth-auth0
1
shrine
1
message_bus
1
inline_svg
1
pdf_info
1
rswag
1
Filter by Repository