OVAL Reference oval:com.ubuntu.bionic:def:20188014000

Oval Definition:

oval:com.ubuntu.bionic:def:20188014000

Revision Date:	2018-05-16	Version:	1
Title:	CVE-2018-8014 on Ubuntu 18.04 LTS (bionic) - low.
Description:	The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-8014
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND Package Information NOT While related to the CVE in some way, the 'tomcat7' package in bionic is not affected. OR The 'tomcat8' package in bionic was vulnerable but has been fixed (note: '8.5.30-1ubuntu1.2').