Oval Definition:	oval:com.ubuntu.cosmic:def:201531920000000
Revision Date: 2016-07-12 Version: 1 Title: CVE-2015-3192 on Ubuntu 18.10 (cosmic) - low. Description: Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-3192 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND libspring-java package in cosmic, is related to the CVE in some way and has been fixed (note: '4.3.14-1').
BACK