Oval Definition:	oval:com.ubuntu.cosmic:def:20147836000
Revision Date: 2014-11-24 Version: 1 Title: CVE-2014-7836 on Ubuntu 18.10 (cosmic) - medium. Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-7836 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND NOT While related to the CVE in some way, the 'moodle' package in cosmic is not affected (note: '2.7.5+dfsg-1').
BACK