Oval Definition:	oval:com.ubuntu.bionic:def:20158125000
Revision Date: 2015-12-07 Version: 1 Title: CVE-2015-8125 on Ubuntu 18.04 LTS (bionic) - medium. Description: Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-8125 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND NOT While related to the CVE in some way, the 'symfony' package in bionic is not affected (note: '3.4.6+dfsg-1').
BACK