Oval Definition:	oval:com.ubuntu.disco:def:2019117120000000
Revision Date: 2019-07-23 Version: 1 Title: CVE-2019-11712 on Ubuntu 19.04 (disco) - medium. Description: POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-11712 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND Package Information firefox package in disco was vulnerable but has been fixed (note: '68.0+build3-0ubuntu0.19.04.1'). OR mozjs52 package in disco is affected and may need fixing. OR mozjs60 package in disco is affected and may need fixing. OR thunderbird package in disco was vulnerable but has been fixed (note: '1:60.8.0+build1-0ubuntu0.19.04.1').
BACK