Oval Definition:	oval:com.ubuntu.artful:def:201811386000
Revision Date: 2018-06-13 Version: 1 Title: CVE-2018-11386 on Ubuntu 17.10 (artful) - medium. Description: An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-11386 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND The vulnerability of the 'symfony' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
BACK