In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Passenger | Phusion | * | 5.0.30 (including) |
| Passenger | Ubuntu | artful | * |
| Passenger | Ubuntu | cosmic | * |
| Passenger | Ubuntu | disco | * |
| Passenger | Ubuntu | eoan | * |
| Passenger | Ubuntu | groovy | * |
| Passenger | Ubuntu | hirsute | * |
| Passenger | Ubuntu | precise | * |
| Passenger | Ubuntu | upstream | * |
| Passenger | Ubuntu | yakkety | * |
| Passenger | Ubuntu | zesty | * |