Oval Definition:	oval:com.ubuntu.trusty:def:20177822000
Revision Date: 2018-06-11 Version: 1 Title: CVE-2017-7822 on Ubuntu 14.04 LTS (trusty) - low. Description: The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox < 56. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-7822 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'firefox' package in trusty was vulnerable but has been fixed (note: '56.0+build6-0ubuntu0.14.04.1').
BACK