Oval Definition:	oval:com.ubuntu.cosmic:def:201709030000000
Revision Date: 2017-10-11 Version: 1 Title: CVE-2017-0903 on Ubuntu 18.10 (cosmic) - medium. Description: RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-0903 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND jruby: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').
BACK