Oval Definition:	oval:com.ubuntu.xenial:def:201902210000000
Revision Date: 2019-05-28 Version: 1 Title: CVE-2019-0221 on Ubuntu 16.04 LTS (xenial) - low. Description: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-0221 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information tomcat7 package in xenial is affected and needs fixing. OR tomcat8 package in xenial was vulnerable but has been fixed (note: '8.0.32-1ubuntu1.10').
BACK