Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/931052?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "mono", "version": "6.8.0.105+dfsg-3.3~deb11u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "6.8.0.105+dfsg-3.3", "latest_non_vulnerable_version": "6.14.1+ds2-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12463?format=api", "vulnerability_id": "VCID-1qhk-r5sq-zqhm", "summary": "Path traversal in SharpZipLib\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the `_baseDirectory` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. fixed this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53186", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53138", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53145", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53125", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53204", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53196", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53082", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53188", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32842" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32842", "reference_id": "CVE-2021-32842", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32842" }, { "reference_url": "https://github.com/advisories/GHSA-mm6g-mmq6-53ff", "reference_id": "GHSA-mm6g-mmq6-53ff", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mm6g-mmq6-53ff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32842", "GHSA-mm6g-mmq6-53ff" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1qhk-r5sq-zqhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63614?format=api", "vulnerability_id": "VCID-2jhf-j64s-gygy", "summary": "Security researcher Alin Rad Pop of Secunia\nResearch reported a heap-based buffer overflow in Mozilla's string to\nfloating point number conversion routines. Using this vulnerability\nan attacker could craft some malicious JavaScript code containing a\nvery long string to be converted to a floating point number which\nwould result in improper memory allocation and the execution of an\narbitrary memory location. This vulnerability could thus be leveraged\nby the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used\nby Mozilla appears to be essentially the same as that reported against the\nlibc gdtoa routine by Maksymilian Arciemowicz.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0689", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97433", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97395", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97421", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97402", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97406", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97408", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97417", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.4176", "scoring_system": "epss", "scoring_elements": "0.97419", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0689" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=539784", "reference_id": "539784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689", "reference_id": "CVE-2009-0689", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt", "reference_id": "CVE-2009-0689", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt", "reference_id": "CVE-2009-0689;OSVDB-61186", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt", "reference_id": "CVE-2009-0689;OSVDB-61186", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt" }, { "reference_url": "https://www.securityfocus.com/bid/37078/info", "reference_id": "CVE-2009-0689;OSVDB-61186", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37078/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt", "reference_id": "CVE-2009-0689;OSVDB-61187", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt", "reference_id": "CVE-2009-0689;OSVDB-61187", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt" }, { "reference_url": "https://www.securityfocus.com/bid/37080/info", "reference_id": "CVE-2009-0689;OSVDB-61187", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37080/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt", "reference_id": "CVE-2009-0689;OSVDB-61189", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt" }, { "reference_url": "https://www.securityfocus.com/bid/36851/info", "reference_id": "CVE-2009-0689;OSVDB-61189", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/36851/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt", "reference_id": "CVE-2009-0689;OSVDB-62402", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt", "reference_id": "CVE-2009-0689;OSVDB-63639", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c", "reference_id": "CVE-2009-0689;OSVDB-63639", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c" }, { "reference_url": "https://www.securityfocus.com/bid/35510/info", "reference_id": "CVE-2009-0689;OSVDB-63639", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35510/info" }, { "reference_url": "https://www.securityfocus.com/bid/37687/info", "reference_id": "CVE-2009-0689;OSVDB-63639", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37687/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt", "reference_id": "CVE-2009-0689;OSVDB-63641", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt" }, { "reference_url": "https://www.securityfocus.com/bid/37688/info", "reference_id": "CVE-2009-0689;OSVDB-63641", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37688/info" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-59", "reference_id": "mfsa2009-59", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2009-59" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl", "reference_id": "OSVDB-61189;CVE-2009-0689", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1530", "reference_id": "RHSA-2009:1530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1531", "reference_id": "RHSA-2009:1531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1601", "reference_id": "RHSA-2009:1601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0153", "reference_id": "RHSA-2010:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0154", "reference_id": "RHSA-2010:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0311", "reference_id": "RHSA-2014:0311", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0311" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0312", "reference_id": "RHSA-2014:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0312" }, { "reference_url": "https://usn.ubuntu.com/871-1/", "reference_id": "USN-871-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/871-1/" }, { "reference_url": "https://usn.ubuntu.com/915-1/", "reference_id": "USN-915-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/915-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931061?format=api", "purl": "pkg:deb/debian/mono@4.2.1.102%2Bdfsg2-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@4.2.1.102%252Bdfsg2-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0689" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhf-j64s-gygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/121553?format=api", "vulnerability_id": "VCID-45yu-4es7-wqg6", "summary": "StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57483", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57567", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57589", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57564", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57617", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57636", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57594", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57624", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.5762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57598", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5473" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-5473" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-45yu-4es7-wqg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14229?format=api", "vulnerability_id": "VCID-4g67-mxz3-27ak", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nThe default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1459.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.6135", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61339", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61365", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61369", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61199", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61279", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61308", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61276", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459" }, { "reference_url": "https://github.com/mono/mono", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mono/mono" }, { "reference_url": "http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/04/29/asp-net-cross-site-scripting-followup-mono.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/04/29/asp-net-cross-site-scripting-followup-mono.aspx" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities#ASP.NET_View_State_Cross-Site_Scripting", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mono-project.com/Vulnerabilities#ASP.NET_View_State_Cross-Site_Scripting" }, { "reference_url": "http://www.securityfocus.com/bid/40351", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/40351" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585440", "reference_id": "585440", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585440" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=598155", "reference_id": "598155", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598155" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1459", "reference_id": "CVE-2010-1459", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1459" }, { "reference_url": "https://github.com/advisories/GHSA-g5c6-w479-93xm", "reference_id": "GHSA-g5c6-w479-93xm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g5c6-w479-93xm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931062?format=api", "purl": "pkg:deb/debian/mono@2.4.4~svn151842-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.4.4~svn151842-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-1459", "GHSA-g5c6-w479-93xm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4g67-mxz3-27ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58482?format=api", "vulnerability_id": "VCID-75b6-ycq1-93ay", "summary": "A hash collision vulnerability in Mono allows remote attackers to\n cause a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/security/cve/cve-2012-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2012-3543" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77063", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.7707", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.76965", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.76971", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.76981", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77024", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77052", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77068", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3543" }, { "reference_url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-3543" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3543" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-3543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2012-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2012-3543" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/08/28/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/08/28/14" }, { "reference_url": "http://www.securityfocus.com/bid/55251", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55251" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2547-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2547-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686562", "reference_id": "686562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686562" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3543", "reference_id": "CVE-2012-3543", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3543" }, { "reference_url": "https://security.gentoo.org/glsa/201405-16", "reference_id": "GLSA-201405-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-16" }, { "reference_url": "https://usn.ubuntu.com/2547-1/", "reference_id": "USN-2547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2547-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931066?format=api", "purl": "pkg:deb/debian/mono@2.10.8.1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.10.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-3543" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75b6-ycq1-93ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41681?format=api", "vulnerability_id": "VCID-91z4-znxj-2fds", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78666", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78599", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.7863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78636", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78667", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78671", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78669", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0990" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66625" }, { "reference_url": "https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0990", "reference_id": "CVE-2011-0990", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0990" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0990" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91z4-znxj-2fds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48433?format=api", "vulnerability_id": "VCID-99h2-625x-nfct", "summary": "Mono is vulnerable to linking attacks, potentially allowing a local user to\n overwrite arbitrary files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5072", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1906", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19248", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19056", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19004", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18959", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18971", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18976", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072" }, { "reference_url": "https://security.gentoo.org/glsa/200611-23", "reference_id": "GLSA-200611-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200611-23" }, { "reference_url": "https://usn.ubuntu.com/357-1/", "reference_id": "USN-357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/357-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931055?format=api", "purl": "pkg:deb/debian/mono@1.1.17.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.1.17.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-5072" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-99h2-625x-nfct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41683?format=api", "vulnerability_id": "VCID-a483-t5eh-pkf5", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0992", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80102", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80021", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80051", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8004", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80096", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.801", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80101", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0992" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=678515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=678515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=694933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=694933" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66627" }, { "reference_url": "https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0992", "reference_id": "CVE-2011-0992", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0992" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" }, { "reference_url": "https://usn.ubuntu.com/2547-1/", "reference_id": "USN-2547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2547-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0992" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a483-t5eh-pkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95459?format=api", "vulnerability_id": "VCID-azkx-bdnb-ebbg", "summary": "The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26314", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.8155", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81476", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81504", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.8151", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.8153", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81517", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81547", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81548", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01567", "scoring_system": "epss", "scoring_elements": "0.81479", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81497", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26314" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26314", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26314" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/01/05/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/01/05/1" }, { "reference_url": "https://bugs.debian.org/972146", "reference_id": "972146", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/" } ], "url": "https://bugs.debian.org/972146" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146", "reference_id": "972146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931069?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-26314" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azkx-bdnb-ebbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41677?format=api", "vulnerability_id": "VCID-c1c3-ck5x-mkay", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://osvdb.org/70312", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/70312" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68289", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68198", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68237", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68213", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68264", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68279", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68304", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68292", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68258", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68298", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68309", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225" }, { "reference_url": "http://secunia.com/advisories/42842", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42842" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64532" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities#XSP.2Fmod_mono_source_code_disclosure", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities#XSP.2Fmod_mono_source_code_disclosure" }, { "reference_url": "http://www.securityfocus.com/bid/45711", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/45711" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0051", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0051" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608288", "reference_id": "608288", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608288" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4225", "reference_id": "CVE-2010-4225", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4225" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931064?format=api", "purl": "pkg:deb/debian/mono@2.6.7-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.6.7-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4225" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c1c3-ck5x-mkay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12451?format=api", "vulnerability_id": "VCID-eadx-224r-vyhs", "summary": "Path traversal in SharpZipLib\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. contains a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.5931", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59366", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59385", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59379", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59347", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59381", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59362", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59349", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59299", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59334", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59236", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32841" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32841", "reference_id": "CVE-2021-32841", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32841" }, { "reference_url": "https://github.com/advisories/GHSA-2x7h-96h5-rq84", "reference_id": "GHSA-2x7h-96h5-rq84", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2x7h-96h5-rq84" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32841", "GHSA-2x7h-96h5-rq84" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eadx-224r-vyhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88401?format=api", "vulnerability_id": "VCID-f6cm-frak-aydf", "summary": "mono: XSS vulnerabilities in the ASP.net class libraries", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html" }, { "reference_url": "http://lists.ximian.com/pipermail/mono-devel-list/2008-July/028633.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.ximian.com/pipermail/mono-devel-list/2008-July/028633.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3422.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70854", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70761", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70777", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70771", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70815", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70853", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70838", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70868", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.70874", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3422" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=413534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=413534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3422" }, { "reference_url": "http://secunia.com/advisories/31338", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31338" }, { "reference_url": "http://secunia.com/advisories/31982", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31982" }, { "reference_url": "http://secunia.com/advisories/36494", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/36494" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44229" }, { "reference_url": "http://www.securityfocus.com/bid/30471", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30471" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=457525", "reference_id": "457525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457525" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494406", "reference_id": "494406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494406" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3422", "reference_id": "CVE-2008-3422", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3422" }, { "reference_url": "https://usn.ubuntu.com/826-1/", "reference_id": "USN-826-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/826-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931059?format=api", "purl": "pkg:deb/debian/mono@1.9.1%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.9.1%252Bdfsg-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-3422" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f6cm-frak-aydf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59826?format=api", "vulnerability_id": "VCID-fc3w-b9en-rbbm", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79687", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79684", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79607", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79635", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.7965", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79658", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79663", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.79655", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2318" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320" }, { "reference_url": "https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4" }, { "reference_url": "https://mitls.org/pages/attacks/SMACK#skip", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mitls.org/pages/attacks/SMACK#skip" }, { "reference_url": "https://www.debian.org/security/2015/dsa-3202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2015/dsa-3202" }, { "reference_url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/03/17/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/03/17/9" }, { "reference_url": "http://www.securityfocus.com/bid/73253", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/73253" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2547-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2547-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751", "reference_id": "780751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2318", "reference_id": "CVE-2015-2318", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2318" }, { "reference_url": "https://usn.ubuntu.com/2547-1/", "reference_id": "USN-2547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2547-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931067?format=api", "purl": "pkg:deb/debian/mono@3.2.8%2Bdfsg-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-2318" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fc3w-b9en-rbbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12462?format=api", "vulnerability_id": "VCID-fxh1-kq9x-6bbz", "summary": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.8143", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81392", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81327", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81336", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81358", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81386", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32840" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32840", "reference_id": "CVE-2021-32840", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32840" }, { "reference_url": "https://github.com/advisories/GHSA-m22m-h4rf-pwq3", "reference_id": "GHSA-m22m-h4rf-pwq3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m22m-h4rf-pwq3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32840", "GHSA-m22m-h4rf-pwq3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxh1-kq9x-6bbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41680?format=api", "vulnerability_id": "VCID-gt2k-srht-4qfe", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76686", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76596", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76599", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76609", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76641", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76659", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76693", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76698", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0989" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66624" }, { "reference_url": "https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0989", "reference_id": "CVE-2011-0989", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0989" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0989" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gt2k-srht-4qfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41682?format=api", "vulnerability_id": "VCID-kbuv-pvcj-bucr", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85914", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85833", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85906", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.859", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85923", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0991" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=660422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=660422" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66626" }, { "reference_url": "https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a" }, { "reference_url": "https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c" }, { "reference_url": "https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0991", "reference_id": "CVE-2011-0991", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0991" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0991" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbuv-pvcj-bucr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59828?format=api", "vulnerability_id": "VCID-nssu-1x9p-mudc", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75293", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75205", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75207", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75238", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75216", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75258", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75269", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.7529", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75295", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2319" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320" }, { "reference_url": "https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10" }, { "reference_url": "https://mitls.org/pages/attacks/SMACK#freak", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mitls.org/pages/attacks/SMACK#freak" }, { "reference_url": "https://www.debian.org/security/2015/dsa-3202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2015/dsa-3202" }, { "reference_url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/03/17/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/03/17/9" }, { "reference_url": "http://www.securityfocus.com/bid/73250", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/73250" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2547-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2547-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751", "reference_id": "780751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2319", "reference_id": "CVE-2015-2319", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2319" }, { "reference_url": "https://usn.ubuntu.com/2547-1/", "reference_id": "USN-2547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2547-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931067?format=api", "purl": "pkg:deb/debian/mono@3.2.8%2Bdfsg-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-2319" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nssu-1x9p-mudc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92359?format=api", "vulnerability_id": "VCID-nz8p-usaz-8kgt", "summary": "Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52699", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52784", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52778", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52829", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52813", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52796", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52833", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5284", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52824", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681095", "reference_id": "681095", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681095" }, { "reference_url": "https://usn.ubuntu.com/1517-1/", "reference_id": "USN-1517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931065?format=api", "purl": "pkg:deb/debian/mono@2.10.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.10.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-3382" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz8p-usaz-8kgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41676?format=api", "vulnerability_id": "VCID-s4yu-1s7d-bufz", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html" }, { "reference_url": "http://marc.info/?l=oss-security&m=128939873515821&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=oss-security&m=128939873515821&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=128939912716499&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=oss-security&m=128939912716499&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=128941802415318&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=oss-security&m=128941802415318&w=2" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28369", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28409", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28475", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28516", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28476", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2842", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4159" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=641915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=641915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159" }, { "reference_url": "http://secunia.com/advisories/42174", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42174" }, { "reference_url": "https://github.com/mono/mono/commit/8e890a3bf80a4620e417814dc14886b1bbd17625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/8e890a3bf80a4620e417814dc14886b1bbd17625" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:240", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:240" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities#Mono_Runtime_Insecure_Native_Library_Loading", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities#Mono_Runtime_Insecure_Native_Library_Loading" }, { "reference_url": "http://www.securityfocus.com/bid/44810", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/44810" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3059", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3059" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605097", "reference_id": "605097", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605097" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4159", "reference_id": "CVE-2010-4159", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4159" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" }, { "reference_url": "https://usn.ubuntu.com/1517-1/", "reference_id": "USN-1517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931063?format=api", "purl": "pkg:deb/debian/mono@2.6.7-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.6.7-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4159" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s4yu-1s7d-bufz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90739?format=api", "vulnerability_id": "VCID-sgsg-b4yc-juh6", "summary": "mono: Sys.Web HTTP header injection attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3906.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.9217", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92125", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92133", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92144", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92158", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92162", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92163", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08111", "scoring_system": "epss", "scoring_elements": "0.92169", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3906" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=418620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=418620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3906" }, { "reference_url": "http://secunia.com/advisories/31643", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31643" }, { "reference_url": "http://secunia.com/advisories/36494", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/36494" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44740" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:210", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:210" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/08/27/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/08/27/6" }, { "reference_url": "http://www.securityfocus.com/archive/1/496845/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/496845/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30867", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30867" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2443" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=461752", "reference_id": "461752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461752" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498894", "reference_id": "498894", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498894" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3906", "reference_id": "CVE-2008-3906", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3906" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32303.txt", "reference_id": "CVE-2008-3906;OSVDB-47855", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32303.txt" }, { "reference_url": "https://www.securityfocus.com/bid/30867/info", "reference_id": "CVE-2008-3906;OSVDB-47855", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30867/info" }, { "reference_url": "https://usn.ubuntu.com/826-1/", "reference_id": "USN-826-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/826-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931059?format=api", "purl": "pkg:deb/debian/mono@1.9.1%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.9.1%252Bdfsg-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-3906" ], "risk_score": 7.8, "exploitability": "2.0", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgsg-b4yc-juh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91343?format=api", "vulnerability_id": "VCID-t9ck-91tr-nfaw", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including \">\" and \"<\".", "references": [ { "reference_url": "http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml" }, { "reference_url": "http://marc.info/?l=bugtraq&m=110867912714913&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=110867912714913&w=2" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92211", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92165", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92172", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92178", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92181", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92193", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92196", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92201", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92198", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08187", "scoring_system": "epss", "scoring_elements": "0.92209", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0509" }, { "reference_url": "http://secunia.com/advisories/14325", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/14325" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0509", "reference_id": "CVE-2005-0509", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0509" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931051?format=api", "purl": "pkg:deb/debian/mono@1.1.6-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.1.6-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0509" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t9ck-91tr-nfaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59830?format=api", "vulnerability_id": "VCID-w6qh-dtdh-1bep", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89526", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89529", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89478", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89482", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89493", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89494", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.8951", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89519", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04829", "scoring_system": "epss", "scoring_elements": "0.89528", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320" }, { "reference_url": "https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b" }, { "reference_url": "https://www.debian.org/security/2015/dsa-3202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2015/dsa-3202" }, { "reference_url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/03/17/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/03/17/9" }, { "reference_url": "http://www.securityfocus.com/bid/73256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/73256" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2547-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2547-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751", "reference_id": "780751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2320", "reference_id": "CVE-2015-2320", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2320" }, { "reference_url": "https://usn.ubuntu.com/2547-1/", "reference_id": "USN-2547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2547-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931067?format=api", "purl": "pkg:deb/debian/mono@3.2.8%2Bdfsg-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-2320" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6qh-dtdh-1bep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49344?format=api", "vulnerability_id": "VCID-xhd4-zcc1-gyak", "summary": "Mono does not properly sanitize pathnames allowing unauthorized information\n disclosure.", "references": [ { "reference_url": "http://fedoranews.org/cms/node/2400", "reference_id": "", "reference_type": "", "scores": [], "url": "http://fedoranews.org/cms/node/2400" }, { "reference_url": "http://fedoranews.org/cms/node/2401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://fedoranews.org/cms/node/2401" }, { "reference_url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-6104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.9477", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94764", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94767", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94732", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15908", "scoring_system": "epss", "scoring_elements": "0.94755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17546", "scoring_system": "epss", "scoring_elements": "0.95051", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-6104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104" }, { "reference_url": "http://secunia.com/advisories/23432", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23432" }, { "reference_url": "http://secunia.com/advisories/23435", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23435" }, { "reference_url": "http://secunia.com/advisories/23462", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23462" }, { "reference_url": "http://secunia.com/advisories/23597", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23597" }, { "reference_url": "http://secunia.com/advisories/23727", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23727" }, { "reference_url": "http://secunia.com/advisories/23776", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23776" }, { "reference_url": "http://secunia.com/advisories/23779", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23779" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200701-12.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200701-12.xml" }, { "reference_url": "http://securityreason.com/securityalert/2082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2082" }, { "reference_url": "http://securitytracker.com/id?1017430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1017430" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092" }, { "reference_url": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234" }, { "reference_url": "http://www.securityfocus.com/archive/1/454962/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/454962/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/21687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/21687" }, { "reference_url": "http://www.ubuntu.com/usn/usn-397-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-397-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2006/5099", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2006/5099" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6104", "reference_id": "CVE-2006-6104", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6104" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29302.txt", "reference_id": "CVE-2006-6104;OSVDB-32391", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29302.txt" }, { "reference_url": "https://www.securityfocus.com/bid/21687/info", "reference_id": "CVE-2006-6104;OSVDB-32391", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/21687/info" }, { "reference_url": "https://security.gentoo.org/glsa/200701-12", "reference_id": "GLSA-200701-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200701-12" }, { "reference_url": "https://usn.ubuntu.com/397-1/", "reference_id": "USN-397-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/397-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931056?format=api", "purl": "pkg:deb/debian/mono@1.2.2.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.2.2.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-6104" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhd4-zcc1-gyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15235?format=api", "vulnerability_id": "VCID-xzc1-cy42-2ub4", "summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nSharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69542", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69639", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69658", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69649", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69609", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69638", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69616", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69599", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6957", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69554", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1002208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002208" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/issues/232", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib/issues/232" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/wiki/Release-1.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib/wiki/Release-1.0" }, { "reference_url": "https://github.com/snyk/zip-slip-vulnerability", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/snyk/zip-slip-vulnerability" }, { "reference_url": "https://snyk.io/research/zip-slip-vulnerability", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/research/zip-slip-vulnerability" }, { "reference_url": "https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002208", "reference_id": "CVE-2018-1002208", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1002208" }, { "reference_url": "https://github.com/advisories/GHSA-cqj4-m2pc-v9m5", "reference_id": "GHSA-cqj4-m2pc-v9m5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cqj4-m2pc-v9m5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931068?format=api", "purl": "pkg:deb/debian/mono@5.18.0.240%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@5.18.0.240%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1002208", "GHSA-cqj4-m2pc-v9m5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzc1-cy42-2ub4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59289?format=api", "vulnerability_id": "VCID-yqu4-jn6n-eug3", "summary": "Mono's BigInteger implementation contains a buffer overflow vulnerability\n that might lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5197.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84773", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.8481", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84838", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02337", "scoring_system": "epss", "scoring_elements": "0.84868", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=367471", "reference_id": "367471", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=367471" }, { "reference_url": "https://security.gentoo.org/glsa/200711-10", "reference_id": "GLSA-200711-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-10" }, { "reference_url": "https://usn.ubuntu.com/553-1/", "reference_id": "USN-553-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/553-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931057?format=api", "purl": "pkg:deb/debian/mono@1.2.5.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.2.5.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-5197" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yqu4-jn6n-eug3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6667?format=api", "vulnerability_id": "VCID-z7ht-bq8z-3qgd", "summary": "XML signature HMAC truncation authentication bypass\nThis package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83541", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83557", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83556", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83529", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83605", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.8359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84514", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84512", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84491", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84495", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0217" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "reference_url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "reference_url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "reference_url": "https://marc.info/?l=bugtraq&m=125787273209737&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=125787273209737&w=2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "reference_url": "https://svn.apache.org/viewvc?revision=794013&view=revision", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?revision=794013&view=revision" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=794013", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=794013" }, { "reference_url": "https://www.debian.org/security/2010/dsa-1995", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2010/dsa-1995" }, { "reference_url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "reference_url": "https://www.kb.cert.org/vuls/id/466161", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/466161" }, { "reference_url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "reference_url": "https://www.kb.cert.org/vuls/id/WDON-7TY529", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "reference_url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "reference_url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "reference_url": "https://www.ubuntu.com/usn/USN-903-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ubuntu.com/usn/USN-903-1" }, { "reference_url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "reference_url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "reference_url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "reference_url": "https://bugzilla.redhat.com/CVE-2009-0217", "reference_id": "CVE-2009-0217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/CVE-2009-0217" }, { "reference_url": "https://github.com/advisories/GHSA-8hfm-837h-hjg5", "reference_id": "GHSA-8hfm-837h-hjg5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8hfm-837h-hjg5" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1428", "reference_id": "RHSA-2009:1428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1636", "reference_id": "RHSA-2009:1636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1637", "reference_id": "RHSA-2009:1637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1649", "reference_id": "RHSA-2009:1649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1650", "reference_id": "RHSA-2009:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" }, { "reference_url": "https://usn.ubuntu.com/826-1/", "reference_id": "USN-826-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/826-1/" }, { "reference_url": "https://usn.ubuntu.com/903-1/", "reference_id": "USN-903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931060?format=api", "purl": "pkg:deb/debian/mono@2.4.2.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.4.2.3%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0217", "GHSA-8hfm-837h-hjg5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7ht-bq8z-3qgd" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }