Oval Definition:	oval:com.ubuntu.disco:def:201709030000000
Revision Date: 2017-10-11 Version: 1 Title: CVE-2017-0903 on Ubuntu 19.04 (disco) - medium. Description: RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-0903 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND jruby package in disco, is related to the CVE in some way and has been fixed (note: '0.1.17.0-1~18.04').
BACK