OVAL Reference oval:com.ubuntu.xenial:def:201436250000000

Oval Definition:

oval:com.ubuntu.xenial:def:201436250000000

Revision Date:	2014-11-20	Version:	1
Title:	CVE-2014-3625 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling. It was discovered that Spring Framework incorrectly handled inputs. A remote attacker could possibly use this issue to read arbitrary files.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-3625
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND libspring-java package in xenial, is related to the CVE in some way and has been fixed (note: '3.2.12-1').