Oval Definition:	oval:com.ubuntu.xenial:def:20170898000
Revision Date: 2017-09-15 Version: 1 Title: CVE-2017-0898 on Ubuntu 16.04 LTS (xenial) - medium. Description: Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-0898 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND The 'ruby2.3' package in xenial was vulnerable but has been fixed (note: '2.3.1-2~16.04.10').
BACK