Oval Definition:	oval:com.ubuntu.xenial:def:2018170820000000
Revision Date: 2018-09-16 Version: 1 Title: CVE-2018-17082 on Ubuntu 16.04 LTS (xenial) - medium. Description: The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-17082 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND php7.0 package in xenial was vulnerable but has been fixed (note: '7.0.32-0ubuntu0.16.04.1').
BACK