Oval Definition:	oval:com.ubuntu.bionic:def:201716516000
Revision Date: 2017-11-03 Version: 1 Title: CVE-2017-16516 on Ubuntu 18.04 LTS (bionic) - low. Description: In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-16516 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND Package Information NOT While related to the CVE in some way, the 'ruby-yajl' package in bionic is not affected (note: '1.3.1-1build1'). OR The 'yajl' package in bionic is affected and needs fixing.
BACK