OVAL Reference oval:com.ubuntu.cosmic:def:2018147740000000

Oval Definition:

oval:com.ubuntu.cosmic:def:2018147740000000

Revision Date:	2018-08-03	Version:	1
Title:	CVE-2018-14774 on Ubuntu 18.10 (cosmic) - medium.
Description:	An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-14774
Platform(s):	Ubuntu 18.10	Product(s):
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed. AND symfony package in cosmic, is related to the CVE in some way and has been fixed (note: '3.4.15+dfsg-2ubuntu4').