Oval Definition:	oval:com.ubuntu.bionic:def:20167099000
Revision Date: 2016-10-10 Version: 1 Title: CVE-2016-7099 on Ubuntu 18.04 LTS (bionic) - medium. Description: The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-7099 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND NOT While related to the CVE in some way, the 'nodejs' package in bionic is not affected (note: '8.10.0~dfsg-2').
BACK