OVAL Reference oval:com.ubuntu.bionic:def:20147819000

Oval Definition:

oval:com.ubuntu.bionic:def:20147819000

Revision Date:	2014-11-08	Version:	1
Title:	CVE-2014-7819 on Ubuntu 18.04 LTS (bionic) - low.
Description:	Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-7819
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND The vulnerability of the 'ruby-sprockets' package in bionic is not known (status: 'needs-triage'). It is pending evaluation.