Oval Definition:	oval:com.ubuntu.bionic:def:20137398000
Revision Date: 2015-06-24 Version: 1 Title: CVE-2013-7398 on Ubuntu 18.04 LTS (bionic) - medium. Description: main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-7398 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND NOT While related to the CVE in some way, the 'async-http-client' package in bionic is not affected (note: 'code not present').
BACK