Oval Definition:	oval:com.ubuntu.cosmic:def:20153908000
Revision Date: 2015-08-12 Version: 1 Title: CVE-2015-3908 on Ubuntu 18.10 (cosmic) - medium. Description: Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-3908 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND NOT While related to the CVE in some way, the 'ansible' package in cosmic is not affected (note: '1.9.2+dfsg-1').
BACK