Oval Definition:	oval:com.ubuntu.xenial:def:201709030000000
Revision Date: 2017-10-11 Version: 1 Title: CVE-2017-0903 on Ubuntu 16.04 LTS (xenial) - medium. Description: RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-0903 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information jruby package in xenial is affected and needs fixing. OR ruby2.3 package in xenial was vulnerable but has been fixed (note: '2.3.1-2~16.04.6').
BACK