OVAL Reference oval:com.ubuntu.bionic:def:201586230000000

Oval Definition:

oval:com.ubuntu.bionic:def:201586230000000

Revision Date:	2017-03-23	Version:	1
Title:	CVE-2015-8623 on Ubuntu 18.04 LTS (bionic) - medium.
Description:	The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-8623
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND mediawiki package in bionic, is related to the CVE in some way and has been fixed (note: '1:1.27.4-3').