|
|
Subscribe / Log in / New account

rubygem-passenger: environment variable injection

Package(s):rubygem-passenger CVE #(s):CVE-2015-7519
Created:December 22, 2015 Updated:January 19, 2016
Description: From the SUSE advisory:

rubygem-passenger was not filtering the environment like apache is doing, allowing injection of environment variables.

Alerts:
Debian-LTS DLA-394-1 passenger 2016-01-18
SUSE SUSE-SU-2015:2337-1 rubygem-passenger 2015-12-21
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds