Oval Definition:	oval:com.ubuntu.bionic:def:201902210000000
Revision Date: 2019-05-28 Version: 1 Title: CVE-2019-0221 on Ubuntu 18.04 LTS (bionic) - low. Description: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-0221 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND Package Information tomcat7 package in bionic is affected and needs fixing. OR tomcat8 package in bionic was vulnerable but has been fixed (note: '8.5.39-1ubuntu1~18.04.3'). OR tomcat9 package in bionic was vulnerable but has been fixed (note: '9.0.16-3ubuntu0.18.04.1').
BACK