OVAL Reference oval:com.ubuntu.bionic:def:20181000858000

Oval Definition:

oval:com.ubuntu.bionic:def:20181000858000

Revision Date:	2018-12-20	Version:	1
Title:	CVE-2018-1000858 on Ubuntu 18.04 LTS (bionic) - medium.
Description:	GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-1000858
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND The 'gnupg2' package in bionic was vulnerable but has been fixed (note: '2.2.4-1ubuntu1.2').