Oval Definition:	oval:com.ubuntu.xenial:def:201674010000000
Revision Date: 2016-10-03 Version: 1 Title: CVE-2016-7401 on Ubuntu 16.04 LTS (xenial) - medium. Description: The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-7401 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND python-django package in xenial was vulnerable but has been fixed (note: '1.8.7-1ubuntu5.2').
BACK