OVAL Reference oval:com.ubuntu.artful:def:201812040000

Oval Definition:

oval:com.ubuntu.artful:def:201812040000

Revision Date:	2018-06-13	Version:	1
Title:	CVE-2018-12040 on Ubuntu 17.10 (artful) - negligible.
Description:	DISPUTED Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don't handle those issues as security issues)."
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-12040
Platform(s):	Ubuntu 17.10	Product(s):
Definition Synopsis
Ubuntu 17.10 (artful) is installed. AND The vulnerability of the 'symfony' package in artful is not known (status: 'needs-triage'). It is pending evaluation.