Oval Definition:	oval:com.ubuntu.disco:def:2017128700000000
Revision Date: 2017-09-01 Version: 1 Title: CVE-2017-12870 on Ubuntu 19.04 (disco) - medium. Description: SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-12870 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND simplesamlphp package in disco, is related to the CVE in some way and has been fixed (note: '1.14.15-1').
BACK