Oval Definition:
oval:com.ubuntu.xenial:def:201880340000000
Revision Date
:
2018-08-01
Version
:
1
Title
:
CVE-2018-8034 on Ubuntu 16.04 LTS (xenial) - low.
Description
:
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2018-8034
Platform(s)
:
Ubuntu 16.04 LTS
Product(s)
:
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed.
AND
Package Information
tomcat7 package in xenial is affected and needs fixing.
OR
tomcat8 package in xenial was vulnerable but has been fixed (note: '8.0.32-1ubuntu1.7').
BACK