Oval Definition:oval:com.ubuntu.bionic:def:20177674000
Revision Date:2017-08-10Version:1
Title:CVE-2017-7674 on Ubuntu 18.04 LTS (bionic) - medium.
Description:The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-7674
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'tomcat7' package in bionic is not affected (note: '7.0.78-1').
  • OR NOT While related to the CVE in some way, the 'tomcat8' package in bionic is not affected (note: '8.5.21-1').
    • BACK