OVAL Reference oval:com.ubuntu.xenial:def:201478190000000

Oval Definition:

oval:com.ubuntu.xenial:def:201478190000000

Revision Date:	2014-11-08	Version:	1
Title:	CVE-2014-7819 on Ubuntu 16.04 LTS (xenial) - low.
Description:	Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-7819
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND ruby-sprockets package in xenial, is related to the CVE in some way and has been fixed (note: '2.12.3-1').