Oval Definition:oval:com.ubuntu.bionic:def:201718343000
Revision Date:2018-07-19Version:1
Title:CVE-2017-18343 on Ubuntu 18.04 LTS (bionic) - medium.
Description:** DISPUTED ** The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor's position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-18343
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND NOT While related to the CVE in some way, the 'symfony' package in bionic is not affected (note: '3.4.6+dfsg-1ubuntu0.1').
  • BACK