OVAL Reference oval:com.ubuntu.disco:def:2018120400000000

Oval Definition:

oval:com.ubuntu.disco:def:2018120400000000

Revision Date:	2018-06-13	Version:	1
Title:	CVE-2018-12040 on Ubuntu 19.04 (disco) - negligible.
Description:	DISPUTED Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don't handle those issues as security issues)."
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-12040
Platform(s):	Ubuntu 19.04	Product(s):
Definition Synopsis
Ubuntu 19.04 (disco) is installed. AND symfony package in disco, is related to the CVE in some way and has been fixed (note: '3.4.22+dfsg-1ubuntu1').