Oval Definition:	oval:com.ubuntu.bionic:def:2018180740000000
Revision Date: 2018-10-09 Version: 1 Title: CVE-2018-18074 on Ubuntu 18.04 LTS (bionic) - medium. Description: The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-18074 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND requests package in bionic was vulnerable but has been fixed (note: '2.18.4-2ubuntu0.1').
BACK