Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-etvv-bvc3-qyan
Vulnerability ID VCID-etvv-bvc3-qyan
Aliases CVE-2018-12026
GHSA-7cv3-gvmc-8mq5
Summary Improper Link Resolution Before File Access During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-284 Improper Access Control
System Score Found at
cvssv3 7.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12026.json
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
epss 0.01123 https://api.first.org/data/v1/epss?cve=CVE-2018-12026
cvssv3.1 9.8 https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes
generic_textual CRITICAL https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes
cvssv3 9.8 https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
cvssv3.1 9.8 https://blog.phusion.nl/passenger-5-3-2
generic_textual CRITICAL https://blog.phusion.nl/passenger-5-3-2
cvssv3.1_qr CRITICAL https://github.com/advisories/GHSA-7cv3-gvmc-8mq5
cvssv3.1 9.8 https://github.com/phusion/passenger
generic_textual CRITICAL https://github.com/phusion/passenger
cvssv3.1 9.8 https://github.com/phusion/passenger/commit/fd3717a3cd357aa0e80e1e81d4dc94a1eaf928f1
generic_textual CRITICAL https://github.com/phusion/passenger/commit/fd3717a3cd357aa0e80e1e81d4dc94a1eaf928f1
cvssv3.1 9.8 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/passenger/CVE-2018-12026.yml
generic_textual CRITICAL https://github.com/rubysec/ruby-advisory-db/blob/master/gems/passenger/CVE-2018-12026.yml
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2018-12026
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2018-12026
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2018-12026
generic_textual CRITICAL https://nvd.nist.gov/vuln/detail/CVE-2018-12026
cvssv3.1 9.8 https://security.gentoo.org/glsa/201807-02
generic_textual CRITICAL https://security.gentoo.org/glsa/201807-02
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12026.json
https://api.first.org/data/v1/epss?cve=CVE-2018-12026
https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes
https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
https://blog.phusion.nl/passenger-5-3-2
https://github.com/phusion/passenger
https://github.com/phusion/passenger/commit/fd3717a3cd357aa0e80e1e81d4dc94a1eaf928f1
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/passenger/CVE-2018-12026.yml
1592616 https://bugzilla.redhat.com/show_bug.cgi?id=1592616
cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*
CVE-2018-12026 https://nvd.nist.gov/vuln/detail/CVE-2018-12026
GHSA-7cv3-gvmc-8mq5 https://github.com/advisories/GHSA-7cv3-gvmc-8mq5
GLSA-201807-02 https://security.gentoo.org/glsa/201807-02
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12026.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://blog.phusion.nl/passenger-5-3-2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/phusion/passenger
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/phusion/passenger/commit/fd3717a3cd357aa0e80e1e81d4dc94a1eaf928f1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/rubysec/ruby-advisory-db/blob/master/gems/passenger/CVE-2018-12026.yml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12026
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12026
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12026
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201807-02
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.78208
EPSS Score 0.01123
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:47:48.024604+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/passenger/CVE-2018-12026.yml 38.0.0