OVAL Reference oval:com.ubuntu.xenial:def:2018117840000000

Oval Definition:

oval:com.ubuntu.xenial:def:2018117840000000

Revision Date:	2018-10-04	Version:	1
Title:	CVE-2018-11784 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-11784
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information tomcat6 package in xenial is affected and needs fixing. OR tomcat7 package in xenial is affected and needs fixing. OR tomcat8 package in xenial was vulnerable but has been fixed (note: '8.0.32-1ubuntu1.8').