Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/mono@0?distro=trixie

Type deb

Namespace debian

Name mono

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.1.6-4

Latest_non_vulnerable_version 6.14.1+ds2-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1qhk-r5sq-zqhm

vulnerability_id VCID-1qhk-r5sq-zqhm

summary

Path traversal in SharpZipLib
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the `_baseDirectory` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. fixed this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32842

reference_id

reference_type

scores

value	0.00298
scoring_system	epss
scoring_elements	0.53094
published_at	2026-04-07T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53186
published_at	2026-04-21T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53138
published_at	2026-04-09T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53145
published_at	2026-04-08T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53125
published_at	2026-04-04T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53204
published_at	2026-04-18T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53196
published_at	2026-04-16T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53157
published_at	2026-04-13T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53173
published_at	2026-04-12T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53082
published_at	2026-04-01T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53101
published_at	2026-04-02T12:55:00Z

value	0.00298
scoring_system	epss
scoring_elements	0.53188
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32842

reference_url

https://github.com/icsharpcode/SharpZipLib

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/icsharpcode/SharpZipLib

reference_url

https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/

url

https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3

reference_url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib

reference_url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/

url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-32842

reference_id

CVE-2021-32842

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-32842

reference_url

https://github.com/advisories/GHSA-mm6g-mmq6-53ff

reference_id

GHSA-mm6g-mmq6-53ff

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mm6g-mmq6-53ff

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2021-32842, GHSA-mm6g-mmq6-53ff

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1qhk-r5sq-zqhm

url VCID-45yu-4es7-wqg6

vulnerability_id VCID-45yu-4es7-wqg6

summary StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-5473

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57483
published_at	2026-04-01T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57567
published_at	2026-04-02T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57589
published_at	2026-04-04T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57564
published_at	2026-04-07T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57617
published_at	2026-04-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57622
published_at	2026-04-09T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57636
published_at	2026-04-11T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57594
published_at	2026-04-13T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57624
published_at	2026-04-16T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5762
published_at	2026-04-18T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57598
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-5473

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2007-5473

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-45yu-4es7-wqg6

url VCID-91z4-znxj-2fds

vulnerability_id VCID-91z4-znxj-2fds

summary

Multiple vulnerabilities were found in Mono, the worst of which
    allowing for the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html

reference_url	http://openwall.com/lists/oss-security/2011/04/06/14
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/04/06/14

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0990

reference_id

reference_type

scores

value	0.01167
scoring_system	epss
scoring_elements	0.78666
published_at	2026-04-21T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78592
published_at	2026-04-01T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78599
published_at	2026-04-02T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.7863
published_at	2026-04-04T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78611
published_at	2026-04-07T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78636
published_at	2026-04-08T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78642
published_at	2026-04-13T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78667
published_at	2026-04-11T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78649
published_at	2026-04-12T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78671
published_at	2026-04-16T12:55:00Z

value	0.01167
scoring_system	epss
scoring_elements	0.78669
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0990

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=667077
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=667077

reference_url	http://secunia.com/advisories/44002
reference_id
reference_type
scores
url	http://secunia.com/advisories/44002

reference_url	http://secunia.com/advisories/44076
reference_id
reference_type
scores
url	http://secunia.com/advisories/44076

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66625
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66625

reference_url	https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c
reference_id
reference_type
scores
url	https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c

reference_url	http://www.mono-project.com/Vulnerabilities
reference_id
reference_type
scores
url	http://www.mono-project.com/Vulnerabilities

reference_url	http://www.securityfocus.com/bid/47208
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/47208

reference_url	http://www.vupen.com/english/advisories/2011/0904
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0904

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::
reference_id	cpe:2.3:a:mono:mono::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0990

reference_id

CVE-2011-0990

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0990

reference_url	https://security.gentoo.org/glsa/201206-13
reference_id	GLSA-201206-13
reference_type
scores
url	https://security.gentoo.org/glsa/201206-13

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2011-0990

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91z4-znxj-2fds

url VCID-a483-t5eh-pkf5

vulnerability_id VCID-a483-t5eh-pkf5

summary

Multiple vulnerabilities were found in Mono, the worst of which
    allowing for the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html

reference_url	http://openwall.com/lists/oss-security/2011/04/06/14
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/04/06/14

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0992

reference_id

reference_type

scores

value	0.01346
scoring_system	epss
scoring_elements	0.80102
published_at	2026-04-21T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80021
published_at	2026-04-01T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80028
published_at	2026-04-02T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80051
published_at	2026-04-04T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.8004
published_at	2026-04-07T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80068
published_at	2026-04-08T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80077
published_at	2026-04-09T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80096
published_at	2026-04-11T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.8008
published_at	2026-04-12T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80072
published_at	2026-04-13T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.801
published_at	2026-04-16T12:55:00Z

value	0.01346
scoring_system	epss
scoring_elements	0.80101
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0992

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=667077
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=667077

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=678515
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=678515

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=694933
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=694933

reference_url	http://secunia.com/advisories/44002
reference_id
reference_type
scores
url	http://secunia.com/advisories/44002

reference_url	http://secunia.com/advisories/44076
reference_id
reference_type
scores
url	http://secunia.com/advisories/44076

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66627
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66627

reference_url	https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91
reference_id
reference_type
scores
url	https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91

reference_url	http://www.mono-project.com/Vulnerabilities
reference_id
reference_type
scores
url	http://www.mono-project.com/Vulnerabilities

reference_url	http://www.securityfocus.com/bid/47208
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/47208

reference_url	http://www.vupen.com/english/advisories/2011/0904
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0904

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::
reference_id	cpe:2.3:a:mono:mono::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0992

reference_id

CVE-2011-0992

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0992

reference_url	https://security.gentoo.org/glsa/201206-13
reference_id	GLSA-201206-13
reference_type
scores
url	https://security.gentoo.org/glsa/201206-13

reference_url	https://usn.ubuntu.com/2547-1/
reference_id	USN-2547-1
reference_type
scores
url	https://usn.ubuntu.com/2547-1/

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2011-0992

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a483-t5eh-pkf5

url VCID-eadx-224r-vyhs

vulnerability_id VCID-eadx-224r-vyhs

summary

Path traversal in SharpZipLib
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. contains a patch for this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32841

reference_id

reference_type

scores

value	0.00378
scoring_system	epss
scoring_elements	0.5931
published_at	2026-04-02T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59366
published_at	2026-04-21T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59385
published_at	2026-04-18T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59379
published_at	2026-04-16T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59347
published_at	2026-04-13T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59365
published_at	2026-04-12T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59381
published_at	2026-04-11T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59362
published_at	2026-04-09T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59349
published_at	2026-04-08T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59299
published_at	2026-04-07T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59334
published_at	2026-04-04T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59236
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32841

reference_url

https://github.com/icsharpcode/SharpZipLib

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/icsharpcode/SharpZipLib

reference_url

https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/

url

https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78

reference_url

https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/

url

https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3

reference_url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib

reference_url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/

url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-32841

reference_id

CVE-2021-32841

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-32841

reference_url

https://github.com/advisories/GHSA-2x7h-96h5-rq84

reference_id

GHSA-2x7h-96h5-rq84

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2x7h-96h5-rq84

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2021-32841, GHSA-2x7h-96h5-rq84

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eadx-224r-vyhs

url VCID-fxh1-kq9x-6bbz

vulnerability_id VCID-fxh1-kq9x-6bbz

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32840

reference_id

reference_type

scores

value	0.01545
scoring_system	epss
scoring_elements	0.81391
published_at	2026-04-09T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.8143
published_at	2026-04-21T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81429
published_at	2026-04-16T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81392
published_at	2026-04-13T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81327
published_at	2026-04-01T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81336
published_at	2026-04-02T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.814
published_at	2026-04-12T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81412
published_at	2026-04-11T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81358
published_at	2026-04-04T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81357
published_at	2026-04-07T12:55:00Z

value	0.01545
scoring_system	epss
scoring_elements	0.81386
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32840

reference_url

https://github.com/icsharpcode/SharpZipLib

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/icsharpcode/SharpZipLib

reference_url

https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/

url

https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc

reference_url

https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/

url

https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3

reference_url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib

reference_url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/

url

https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-32840

reference_id

CVE-2021-32840

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-32840

reference_url

https://github.com/advisories/GHSA-m22m-h4rf-pwq3

reference_id

GHSA-m22m-h4rf-pwq3

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m22m-h4rf-pwq3

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2021-32840, GHSA-m22m-h4rf-pwq3

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fxh1-kq9x-6bbz

url VCID-gt2k-srht-4qfe

vulnerability_id VCID-gt2k-srht-4qfe

summary

Multiple vulnerabilities were found in Mono, the worst of which
    allowing for the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html

reference_url	http://openwall.com/lists/oss-security/2011/04/06/14
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/04/06/14

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0989

reference_id

reference_type

scores

value	0.00973
scoring_system	epss
scoring_elements	0.76686
published_at	2026-04-21T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76596
published_at	2026-04-01T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76599
published_at	2026-04-02T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76628
published_at	2026-04-04T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76609
published_at	2026-04-07T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76641
published_at	2026-04-08T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76653
published_at	2026-04-09T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76679
published_at	2026-04-11T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76659
published_at	2026-04-12T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76651
published_at	2026-04-13T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76693
published_at	2026-04-16T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.76698
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0989

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=667077
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=667077

reference_url	http://secunia.com/advisories/44002
reference_id
reference_type
scores
url	http://secunia.com/advisories/44002

reference_url	http://secunia.com/advisories/44076
reference_id
reference_type
scores
url	http://secunia.com/advisories/44076

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66624
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66624

reference_url	https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e
reference_id
reference_type
scores
url	https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e

reference_url	http://www.mono-project.com/Vulnerabilities
reference_id
reference_type
scores
url	http://www.mono-project.com/Vulnerabilities

reference_url	http://www.securityfocus.com/bid/47208
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/47208

reference_url	http://www.vupen.com/english/advisories/2011/0904
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0904

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::
reference_id	cpe:2.3:a:mono:mono::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0989

reference_id

CVE-2011-0989

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0989

reference_url	https://security.gentoo.org/glsa/201206-13
reference_id	GLSA-201206-13
reference_type
scores
url	https://security.gentoo.org/glsa/201206-13

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2011-0989

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gt2k-srht-4qfe

url VCID-kbuv-pvcj-bucr

vulnerability_id VCID-kbuv-pvcj-bucr

summary

Multiple vulnerabilities were found in Mono, the worst of which
    allowing for the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html

reference_url	http://openwall.com/lists/oss-security/2011/04/06/14
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/04/06/14

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0991

reference_id

reference_type

scores

value	0.02709
scoring_system	epss
scoring_elements	0.85914
published_at	2026-04-21T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85833
published_at	2026-04-01T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85844
published_at	2026-04-02T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85862
published_at	2026-04-04T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85865
published_at	2026-04-07T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85884
published_at	2026-04-08T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85894
published_at	2026-04-09T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85909
published_at	2026-04-11T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85906
published_at	2026-04-12T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.859
published_at	2026-04-13T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85918
published_at	2026-04-16T12:55:00Z

value	0.02709
scoring_system	epss
scoring_elements	0.85923
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0991

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=660422
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=660422

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=667077
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=667077

reference_url	http://secunia.com/advisories/44002
reference_id
reference_type
scores
url	http://secunia.com/advisories/44002

reference_url	http://secunia.com/advisories/44076
reference_id
reference_type
scores
url	http://secunia.com/advisories/44076

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66626
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66626

reference_url	https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a
reference_id
reference_type
scores
url	https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a

reference_url	https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c
reference_id
reference_type
scores
url	https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c

reference_url	https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0
reference_id
reference_type
scores
url	https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0

reference_url	http://www.mono-project.com/Vulnerabilities
reference_id
reference_type
scores
url	http://www.mono-project.com/Vulnerabilities

reference_url	http://www.securityfocus.com/bid/47208
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/47208

reference_url	http://www.vupen.com/english/advisories/2011/0904
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0904

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::
reference_id	cpe:2.3:a:mono:mono::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_id	cpe:2.3:a:novell:moonlight:2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_id	cpe:2.3:a:novell:moonlight:3.99:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0991

reference_id

CVE-2011-0991

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0991

reference_url	https://security.gentoo.org/glsa/201206-13
reference_id	GLSA-201206-13
reference_type
scores
url	https://security.gentoo.org/glsa/201206-13

fixed_packages

url	pkg:deb/debian/mono@0?distro=trixie
purl	pkg:deb/debian/mono@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
purl	pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie

aliases CVE-2011-0991

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kbuv-pvcj-bucr

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie

Package Instance