CVE-2016-10345
Published
CVSS v3
N/A
CVSS v2
4.6
MEDIUM
Affected
1
PROJECT
Description
In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.
A fast and robust web server and application server for Ruby, Python and Node.js
GitHub