Oval Definition:	oval:com.ubuntu.cosmic:def:20170903000
Revision Date: 2017-10-11 Version: 1 Title: CVE-2017-0903 on Ubuntu 18.10 (cosmic) - medium. Description: RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-0903 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND The vulnerability of the 'jruby' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
BACK