Oval Definition:	oval:com.ubuntu.cosmic:def:201715924000
Revision Date: 2017-10-27 Version: 1 Title: CVE-2017-15924 on Ubuntu 18.10 (cosmic) - medium. Description: In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-15924 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND NOT While related to the CVE in some way, the 'shadowsocks-libev' package in cosmic is not affected (note: '3.1.3+ds-1ubuntu2').
BACK