Oval Definition:oval:com.ubuntu.xenial:def:201714949000
Revision Date:2017-11-30Version:1
Title:CVE-2017-14949 on Ubuntu 16.04 LTS (xenial) - medium.
Description:Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-14949
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'restlet' package in xenial is affected and needs fixing.
  • BACK