Hamburger
  • Phusion logo
  • Home
  • Passenger
  • Blog
  • About
  • Contact
Twitter Github Video
Privacy Policy & Disclaimer Trademark Notice

Security advisory

A collection of 4 posts

Passenger 5.3.2: various security fixes

Passenger 5.3.2 released, fixing a file system access race condition as well as various SpawningKit exploits. We urge you to upgrade your version immediately.

Camden Narzt Camden Narzt Jun 12, 2018

Security advisory [CVE-2017-16355]: arbitrary file read vulnerability

The cPanel Security Team discovered a vulnerability in Passenger that allows users to list the contents of arbitrary files on the system. CVE-2017-16355 has been assigned to this issue. Affected use-cases Arbitrary file

Daniel Knoppel Daniel Knoppel Oct 13, 2017

Web applications on Phusion Passenger are not vulnerable to HTTPoxy

A short time ago an old security issue was revealed to still be present in many modern application servers. The issue is now known as HTTPoxy, and no fewer than 6 CVE's were issued to document the vulnerabilities in var

Tinco Andringa Tinco Andringa Jul 21, 2016

Security advisory: CVE-2015-7519 header overwriting (medium severity)

It was discovered by the SUSE security team that it was possible, in some cases, for clients to overwrite headers set by the server, resulting in a medium level security issue. CVE-2015-7519 has been assigned to this iss

Daniel Knoppel Daniel Knoppel Dec 07, 2015

logo

Products

  • Passenger
  • Premium Support

About

  • Mission

Contact

  • General
  • Security
Twitter Github Video
Privacy Policy & Disclaimer | Trademark Notice
Copyright © Phusion® B.V. All rights reserved.