OVAL Reference oval:com.ubuntu.xenial:def:2019162550000000

Oval Definition:

oval:com.ubuntu.xenial:def:2019162550000000

Revision Date:	2019-11-26	Version:	1
Title:	CVE-2019-16255 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2019-16255
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information jruby package in xenial is affected and may need fixing. OR ruby2.3 package in xenial was vulnerable but has been fixed (note: '2.3.1-2~ubuntu16.04.14').