{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"critical"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2018-12028","title":"Title"},{"category":"description","text":"An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2018-12028","url":"https://www.suse.com/security/cve/CVE-2018-12028"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1097655 for CVE-2018-12028","url":"https://bugzilla.suse.com/1097655"},{"category":"external","summary":"SUSE Bug 1097663 for CVE-2018-12028","url":"https://bugzilla.suse.com/1097663"},{"category":"external","summary":"SUSE Bug 1097664 for CVE-2018-12028","url":"https://bugzilla.suse.com/1097664"}],"title":"SUSE CVE CVE-2018-12028","tracking":{"current_release_date":"2025-10-07T09:54:16Z","generator":{"date":"2023-02-15T04:27:00Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2018-12028","initial_release_date":"2023-02-15T04:27:00Z","revision_history":[{"date":"2023-02-15T04:27:00Z","number":"2","summary":"Current version"},{"date":"2024-07-03T05:33:38Z","number":"3","summary":"Current version"},{"date":"2025-01-01T07:38:11Z","number":"4","summary":"Current version"},{"date":"2025-02-18T07:04:38Z","number":"5","summary":"Current version"},{"date":"2025-03-15T12:05:52Z","number":"6","summary":"Current version"},{"date":"2025-04-25T07:01:09Z","number":"7","summary":"Current version"},{"date":"2025-10-07T09:54:16Z","number":"8","summary":"Current version"}],"status":"interim","version":"8"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Lifecycle Management Server 1.3","product":{"name":"SUSE Lifecycle Management Server 1.3","product_id":"SUSE Lifecycle Management Server 1.3","product_identification_helper":{"cpe":"cpe:/a:suse:sle-slms:1.3"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 12","product":{"name":"SUSE Linux Enterprise High Performance Computing 12","product_id":"SUSE Linux Enterprise High Performance Computing 12","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:12"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Containers 12","product":{"name":"SUSE Linux Enterprise Module for Containers 12","product_id":"SUSE Linux Enterprise Module for Containers 12","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-containers:12"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12","product":{"name":"SUSE Linux Enterprise Server 12","product_id":"SUSE Linux Enterprise Server 12","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP3","product":{"name":"SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4","product":{"name":"SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5","product":{"name":"SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp5"}}},{"category":"product_name","name":"SUSE Studio Onsite 1.3","product":{"name":"SUSE Studio Onsite 1.3","product_id":"SUSE Studio Onsite 1.3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-studioonsite:1.3"}}},{"category":"product_version","name":"ruby2.1-rubygem-passenger","product":{"name":"ruby2.1-rubygem-passenger","product_id":"ruby2.1-rubygem-passenger","product_identification_helper":{"cpe":"cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/ruby2.1-rubygem-passenger@?upstream=rubygem-passenger.src.rpm"}}},{"category":"product_version","name":"rubygem-passenger","product":{"name":"rubygem-passenger","product_id":"rubygem-passenger","product_identification_helper":{"cpe":"cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/rubygem-passenger@?upstream=rubygem-passenger.src.rpm"}}},{"category":"product_version","name":"rubygem-passenger-apache2","product":{"name":"rubygem-passenger-apache2","product_id":"rubygem-passenger-apache2","product_identification_helper":{"cpe":"cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/rubygem-passenger-apache2@?upstream=rubygem-passenger.src.rpm"}}},{"category":"product_version","name":"rubygem-passenger-nginx","product":{"name":"rubygem-passenger-nginx","product_id":"rubygem-passenger-nginx","product_identification_helper":{"cpe":"cpe:2.3:a:phusion:passenger:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/rubygem-passenger-nginx@?upstream=rubygem-passenger.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Lifecycle Management Server 1.3","product_id":"SUSE Lifecycle Management Server 1.3:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Lifecycle Management Server 1.3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Lifecycle Management Server 1.3","product_id":"SUSE Lifecycle Management Server 1.3:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Lifecycle Management Server 1.3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-nginx as component of SUSE Lifecycle Management Server 1.3","product_id":"SUSE Lifecycle Management Server 1.3:rubygem-passenger-nginx"},"product_reference":"rubygem-passenger-nginx","relates_to_product_reference":"SUSE Lifecycle Management Server 1.3"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server 12","product_id":"SUSE Linux Enterprise Server 12:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server 12","product_id":"SUSE Linux Enterprise Server 12:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server 12","product_id":"SUSE Linux Enterprise Server 12:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server 12"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server for SAP Applications 12","product_id":"SUSE Linux Enterprise Server for SAP Applications 12:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise High Performance Computing 12","product_id":"SUSE Linux Enterprise High Performance Computing 12:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise High Performance Computing 12","product_id":"SUSE Linux Enterprise High Performance Computing 12:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise High Performance Computing 12","product_id":"SUSE Linux Enterprise High Performance Computing 12:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"ruby2.1-rubygem-passenger as component of SUSE Linux Enterprise Module for Containers 12","product_id":"SUSE Linux Enterprise Module for Containers 12:ruby2.1-rubygem-passenger"},"product_reference":"ruby2.1-rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Module for Containers 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Linux Enterprise Module for Containers 12","product_id":"SUSE Linux Enterprise Module for Containers 12:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Linux Enterprise Module for Containers 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-apache2 as component of SUSE Linux Enterprise Module for Containers 12","product_id":"SUSE Linux Enterprise Module for Containers 12:rubygem-passenger-apache2"},"product_reference":"rubygem-passenger-apache2","relates_to_product_reference":"SUSE Linux Enterprise Module for Containers 12"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger as component of SUSE Studio Onsite 1.3","product_id":"SUSE Studio Onsite 1.3:rubygem-passenger"},"product_reference":"rubygem-passenger","relates_to_product_reference":"SUSE Studio Onsite 1.3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-passenger-nginx as component of SUSE Studio Onsite 1.3","product_id":"SUSE Studio Onsite 1.3:rubygem-passenger-nginx"},"product_reference":"rubygem-passenger-nginx","relates_to_product_reference":"SUSE Studio Onsite 1.3"}]},"vulnerabilities":[{"cve":"CVE-2018-12028","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-12028"}],"notes":[{"category":"general","text":"An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Lifecycle Management Server 1.3:rubygem-passenger","SUSE Lifecycle Management Server 1.3:rubygem-passenger-apache2","SUSE Lifecycle Management Server 1.3:rubygem-passenger-nginx","SUSE Linux Enterprise High Performance Computing 12:ruby2.1-rubygem-passenger","SUSE Linux Enterprise High Performance Computing 12:rubygem-passenger","SUSE Linux Enterprise High Performance Computing 12:rubygem-passenger-apache2","SUSE Linux Enterprise Module for Containers 12:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Module for Containers 12:rubygem-passenger","SUSE Linux Enterprise Module for Containers 12:rubygem-passenger-apache2","SUSE Linux Enterprise Server 12 SP3:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server 12 SP3:rubygem-passenger","SUSE Linux Enterprise Server 12 SP3:rubygem-passenger-apache2","SUSE Linux Enterprise Server 12 SP4:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server 12 SP4:rubygem-passenger","SUSE Linux Enterprise Server 12 SP4:rubygem-passenger-apache2","SUSE Linux Enterprise Server 12 SP5:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server 12 SP5:rubygem-passenger","SUSE Linux Enterprise Server 12 SP5:rubygem-passenger-apache2","SUSE Linux Enterprise Server 12:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server 12:rubygem-passenger","SUSE Linux Enterprise Server 12:rubygem-passenger-apache2","SUSE Linux Enterprise Server for SAP Applications 12 SP3:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12 SP3:rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12 SP3:rubygem-passenger-apache2","SUSE Linux Enterprise Server for SAP Applications 12 SP4:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12 SP4:rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12 SP4:rubygem-passenger-apache2","SUSE Linux Enterprise Server for SAP Applications 12 SP5:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12 SP5:rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12 SP5:rubygem-passenger-apache2","SUSE Linux Enterprise Server for SAP Applications 12:ruby2.1-rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12:rubygem-passenger","SUSE Linux Enterprise Server for SAP Applications 12:rubygem-passenger-apache2","SUSE Studio Onsite 1.3:rubygem-passenger","SUSE Studio Onsite 1.3:rubygem-passenger-nginx"]},"references":[{"category":"external","summary":"CVE-2018-12028","url":"https://www.suse.com/security/cve/CVE-2018-12028"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1097655 for CVE-2018-12028","url":"https://bugzilla.suse.com/1097655"},{"category":"external","summary":"SUSE Bug 1097663 for CVE-2018-12028","url":"https://bugzilla.suse.com/1097663"},{"category":"external","summary":"SUSE Bug 1097664 for CVE-2018-12028","url":"https://bugzilla.suse.com/1097664"}],"threats":[{"category":"impact","date":"2018-06-14T12:25:37Z","details":"critical"}],"title":"CVE-2018-12028"}]}