{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","type":"deb","namespace":"debian","name":"mono","version":"6.8.0.105+dfsg-3.3+deb12u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.12.0.199+dfsg-6","latest_non_vulnerable_version":"6.14.1+ds2-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12463?format=json","vulnerability_id":"VCID-1qhk-r5sq-zqhm","summary":"Path traversal in SharpZipLib\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the `_baseDirectory` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. fixed this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32842","reference_id":"","reference_type":"","scores":[{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53086","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53094","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53145","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53138","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53188","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53196","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53133","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.5317","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53082","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53101","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.5316","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53186","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53204","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53125","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32842"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/icsharpcode/SharpZipLib"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/"}],"url":"https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/"}],"url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32842","reference_id":"CVE-2021-32842","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32842"},{"reference_url":"https://github.com/advisories/GHSA-mm6g-mmq6-53ff","reference_id":"GHSA-mm6g-mmq6-53ff","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mm6g-mmq6-53ff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2021-32842","GHSA-mm6g-mmq6-53ff"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qhk-r5sq-zqhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63614?format=json","vulnerability_id":"VCID-2jhf-j64s-gygy","summary":"Security researcher Alin Rad Pop of Secunia\nResearch reported a heap-based buffer overflow in Mozilla's string to\nfloating point number conversion routines.  Using this vulnerability\nan attacker could craft some malicious JavaScript code containing a\nvery long string to be converted to a floating point number which\nwould result in improper memory allocation and the execution of an\narbitrary memory location.  This vulnerability could thus be leveraged\nby the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used\nby Mozilla appears to be essentially the same as that reported against the\nlibc gdtoa routine by Maksymilian Arciemowicz.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689","reference_id":"","reference_type":"","scores":[{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97419","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97432","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784","reference_id":"539784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689","reference_id":"CVE-2009-0689","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt","reference_id":"CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt"},{"reference_url":"https://www.securityfocus.com/bid/37078/info","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37078/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt"},{"reference_url":"https://www.securityfocus.com/bid/37080/info","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37080/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt"},{"reference_url":"https://www.securityfocus.com/bid/36851/info","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/36851/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt","reference_id":"CVE-2009-0689;OSVDB-62402","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c"},{"reference_url":"https://www.securityfocus.com/bid/35510/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35510/info"},{"reference_url":"https://www.securityfocus.com/bid/37687/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37687/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt"},{"reference_url":"https://www.securityfocus.com/bid/37688/info","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37688/info"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59","reference_id":"mfsa2009-59","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl","reference_id":"OSVDB-61189;CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1601","reference_id":"RHSA-2009:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0311","reference_id":"RHSA-2014:0311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0312","reference_id":"RHSA-2014:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0312"},{"reference_url":"https://usn.ubuntu.com/871-1/","reference_id":"USN-871-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/871-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931061?format=json","purl":"pkg:deb/debian/mono@4.2.1.102%2Bdfsg2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@4.2.1.102%252Bdfsg2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2009-0689"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhf-j64s-gygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/121553?format=json","vulnerability_id":"VCID-45yu-4es7-wqg6","summary":"StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5473","reference_id":"","reference_type":"","scores":[{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57483","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57567","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57589","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57564","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57617","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57622","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57594","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57624","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.5762","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57598","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57556","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57576","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57508","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5473"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2007-5473"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45yu-4es7-wqg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14229?format=json","vulnerability_id":"VCID-4g67-mxz3-27ak","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nThe default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1459.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1459","reference_id":"","reference_type":"","scores":[{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61296","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61326","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61365","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61369","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.6135","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61338","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61353","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61347","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61199","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61308","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61339","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61359","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61345","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459"},{"reference_url":"https://github.com/mono/mono","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mono/mono"},{"reference_url":"http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/04/29/asp-net-cross-site-scripting-followup-mono.aspx","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/04/29/asp-net-cross-site-scripting-followup-mono.aspx"},{"reference_url":"http://www.mono-project.com/Vulnerabilities#ASP.NET_View_State_Cross-Site_Scripting","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mono-project.com/Vulnerabilities#ASP.NET_View_State_Cross-Site_Scripting"},{"reference_url":"http://www.securityfocus.com/bid/40351","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/40351"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585440","reference_id":"585440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585440"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=598155","reference_id":"598155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=598155"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1459","reference_id":"CVE-2010-1459","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1459"},{"reference_url":"https://github.com/advisories/GHSA-g5c6-w479-93xm","reference_id":"GHSA-g5c6-w479-93xm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g5c6-w479-93xm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931062?format=json","purl":"pkg:deb/debian/mono@2.4.4~svn151842-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.4.4~svn151842-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2010-1459","GHSA-g5c6-w479-93xm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4g67-mxz3-27ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58482?format=json","vulnerability_id":"VCID-75b6-ycq1-93ay","summary":"A hash collision vulnerability in Mono allows remote attackers to\n    cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/security/cve/cve-2012-3543","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/cve-2012-3543"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3543","reference_id":"","reference_type":"","scores":[{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77126","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77118","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.76965","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.76971","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.76981","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77013","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77024","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77052","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77027","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.7707","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77063","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77104","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3543"},{"reference_url":"https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-3543","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-3543"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3543","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3543"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-3543","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-3543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2012-3543","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2012-3543"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/28/14","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/28/14"},{"reference_url":"http://www.securityfocus.com/bid/55251","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55251"},{"reference_url":"http://www.ubuntu.com/usn/USN-2547-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2547-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686562","reference_id":"686562","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686562"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3543","reference_id":"CVE-2012-3543","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3543"},{"reference_url":"https://security.gentoo.org/glsa/201405-16","reference_id":"GLSA-201405-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-16"},{"reference_url":"https://usn.ubuntu.com/2547-1/","reference_id":"USN-2547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2547-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931066?format=json","purl":"pkg:deb/debian/mono@2.10.8.1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.10.8.1-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2012-3543"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75b6-ycq1-93ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41681?format=json","vulnerability_id":"VCID-91z4-znxj-2fds","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/04/06/14","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/04/06/14"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0990","reference_id":"","reference_type":"","scores":[{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78742","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78592","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78599","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.7863","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78636","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78642","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78667","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78649","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78671","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78669","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78666","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78696","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78704","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.78721","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0990"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=667077","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=667077"},{"reference_url":"http://secunia.com/advisories/44002","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44002"},{"reference_url":"http://secunia.com/advisories/44076","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44076"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66625","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66625"},{"reference_url":"https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c"},{"reference_url":"http://www.mono-project.com/Vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities"},{"reference_url":"http://www.securityfocus.com/bid/47208","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/47208"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0904","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0904"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0990","reference_id":"CVE-2011-0990","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0990"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2011-0990"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91z4-znxj-2fds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48433?format=json","vulnerability_id":"VCID-99h2-625x-nfct","summary":"Mono is vulnerable to linking attacks, potentially allowing a local user to\n    overwrite arbitrary files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5072","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1906","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19248","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18963","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19043","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19097","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19103","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19056","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18959","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18971","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18976","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18869","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1885","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18809","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18688","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072"},{"reference_url":"https://security.gentoo.org/glsa/200611-23","reference_id":"GLSA-200611-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200611-23"},{"reference_url":"https://usn.ubuntu.com/357-1/","reference_id":"USN-357-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/357-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931055?format=json","purl":"pkg:deb/debian/mono@1.1.17.1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.1.17.1-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-5072"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-99h2-625x-nfct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41683?format=json","vulnerability_id":"VCID-a483-t5eh-pkf5","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/04/06/14","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/04/06/14"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0992","reference_id":"","reference_type":"","scores":[{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80165","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80021","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80028","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80051","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.8004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80068","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80096","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.8008","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80072","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.801","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80101","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80102","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.8013","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80136","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01346","scoring_system":"epss","scoring_elements":"0.80151","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0992"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=667077","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=667077"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=678515","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=678515"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=694933","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=694933"},{"reference_url":"http://secunia.com/advisories/44002","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44002"},{"reference_url":"http://secunia.com/advisories/44076","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44076"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66627","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66627"},{"reference_url":"https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91"},{"reference_url":"http://www.mono-project.com/Vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities"},{"reference_url":"http://www.securityfocus.com/bid/47208","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/47208"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0904","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0904"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0992","reference_id":"CVE-2011-0992","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0992"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"},{"reference_url":"https://usn.ubuntu.com/2547-1/","reference_id":"USN-2547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2547-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2011-0992"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a483-t5eh-pkf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95459?format=json","vulnerability_id":"VCID-azkx-bdnb-ebbg","summary":"The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26314","reference_id":"","reference_type":"","scores":[{"value":"0.01163","scoring_system":"epss","scoring_elements":"0.78685","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01163","scoring_system":"epss","scoring_elements":"0.78703","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.8151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.8153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81517","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81547","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81548","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.8155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81572","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81581","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81479","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81476","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01567","scoring_system":"epss","scoring_elements":"0.81504","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81497","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26314"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/01/05/1","reference_id":"1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/01/05/1"},{"reference_url":"https://bugs.debian.org/972146","reference_id":"972146","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/"}],"url":"https://bugs.debian.org/972146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146","reference_id":"972146","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html","reference_id":"msg00037.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-18T16:24:03Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931069?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2023-26314"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-azkx-bdnb-ebbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41677?format=json","vulnerability_id":"VCID-c1c3-ck5x-mkay","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","references":[{"reference_url":"http://osvdb.org/70312","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70312"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4225","reference_id":"","reference_type":"","scores":[{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68322","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68198","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68219","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68237","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68213","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68264","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68279","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68304","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68292","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68258","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68298","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68309","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68289","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68331","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.6834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68345","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225"},{"reference_url":"http://secunia.com/advisories/42842","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42842"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64532","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64532"},{"reference_url":"http://www.mono-project.com/Vulnerabilities#XSP.2Fmod_mono_source_code_disclosure","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities#XSP.2Fmod_mono_source_code_disclosure"},{"reference_url":"http://www.securityfocus.com/bid/45711","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/45711"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0051","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0051"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608288","reference_id":"608288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608288"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4225","reference_id":"CVE-2010-4225","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4225"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931064?format=json","purl":"pkg:deb/debian/mono@2.6.7-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.6.7-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2010-4225"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c1c3-ck5x-mkay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12451?format=json","vulnerability_id":"VCID-eadx-224r-vyhs","summary":"Path traversal in SharpZipLib\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. contains a patch for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32841","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59299","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59306","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59348","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59363","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59344","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59366","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59385","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59379","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59347","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59365","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59334","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59236","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.5931","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59381","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59362","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59349","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32841"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/icsharpcode/SharpZipLib"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/"}],"url":"https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/"}],"url":"https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/"}],"url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32841","reference_id":"CVE-2021-32841","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32841"},{"reference_url":"https://github.com/advisories/GHSA-2x7h-96h5-rq84","reference_id":"GHSA-2x7h-96h5-rq84","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2x7h-96h5-rq84"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2021-32841","GHSA-2x7h-96h5-rq84"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eadx-224r-vyhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88401?format=json","vulnerability_id":"VCID-f6cm-frak-aydf","summary":"mono: XSS vulnerabilities in the ASP.net class libraries","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"},{"reference_url":"http://lists.ximian.com/pipermail/mono-devel-list/2008-July/028633.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.ximian.com/pipermail/mono-devel-list/2008-July/028633.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3422.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3422","reference_id":"","reference_type":"","scores":[{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70897","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70761","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70777","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70771","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70815","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70831","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70853","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70838","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70823","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70868","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70874","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70854","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70908","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70917","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.70915","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3422"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=413534","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=413534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3422"},{"reference_url":"http://secunia.com/advisories/31338","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31338"},{"reference_url":"http://secunia.com/advisories/31982","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31982"},{"reference_url":"http://secunia.com/advisories/36494","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36494"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44229","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44229"},{"reference_url":"http://www.securityfocus.com/bid/30471","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30471"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=457525","reference_id":"457525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=457525"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494406","reference_id":"494406","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494406"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3422","reference_id":"CVE-2008-3422","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3422"},{"reference_url":"https://usn.ubuntu.com/826-1/","reference_id":"USN-826-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/826-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931059?format=json","purl":"pkg:deb/debian/mono@1.9.1%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.9.1%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2008-3422"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f6cm-frak-aydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59826?format=json","vulnerability_id":"VCID-fc3w-b9en-rbbm","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2318","reference_id":"","reference_type":"","scores":[{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79755","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79739","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79607","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79613","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79635","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.7965","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79658","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79678","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79655","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79684","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79687","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79718","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79725","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2318"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202869","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320"},{"reference_url":"https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4"},{"reference_url":"https://mitls.org/pages/attacks/SMACK#skip","reference_id":"","reference_type":"","scores":[],"url":"https://mitls.org/pages/attacks/SMACK#skip"},{"reference_url":"https://www.debian.org/security/2015/dsa-3202","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2015/dsa-3202"},{"reference_url":"http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/03/17/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/03/17/9"},{"reference_url":"http://www.securityfocus.com/bid/73253","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73253"},{"reference_url":"http://www.ubuntu.com/usn/USN-2547-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2547-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751","reference_id":"780751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2318","reference_id":"CVE-2015-2318","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2318"},{"reference_url":"https://usn.ubuntu.com/2547-1/","reference_id":"USN-2547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2547-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931067?format=json","purl":"pkg:deb/debian/mono@3.2.8%2Bdfsg-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-2318"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fc3w-b9en-rbbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12462?format=json","vulnerability_id":"VCID-fxh1-kq9x-6bbz","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32840","reference_id":"","reference_type":"","scores":[{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81482","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.8143","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81358","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81357","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81386","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81392","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81464","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.8146","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81327","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81336","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01545","scoring_system":"epss","scoring_elements":"0.81452","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32840"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/icsharpcode/SharpZipLib"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/"}],"url":"https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/"}],"url":"https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/"}],"url":"https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32840","reference_id":"CVE-2021-32840","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32840"},{"reference_url":"https://github.com/advisories/GHSA-m22m-h4rf-pwq3","reference_id":"GHSA-m22m-h4rf-pwq3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m22m-h4rf-pwq3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2021-32840","GHSA-m22m-h4rf-pwq3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxh1-kq9x-6bbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41680?format=json","vulnerability_id":"VCID-gt2k-srht-4qfe","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/04/06/14","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/04/06/14"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0989","reference_id":"","reference_type":"","scores":[{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76723","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76596","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76599","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76628","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76609","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76641","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76653","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76679","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76659","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76651","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76693","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76698","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76686","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76718","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76724","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00973","scoring_system":"epss","scoring_elements":"0.76736","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0989"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=667077","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=667077"},{"reference_url":"http://secunia.com/advisories/44002","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44002"},{"reference_url":"http://secunia.com/advisories/44076","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44076"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66624","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66624"},{"reference_url":"https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e"},{"reference_url":"http://www.mono-project.com/Vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities"},{"reference_url":"http://www.securityfocus.com/bid/47208","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/47208"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0904","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0904"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0989","reference_id":"CVE-2011-0989","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0989"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2011-0989"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gt2k-srht-4qfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41682?format=json","vulnerability_id":"VCID-kbuv-pvcj-bucr","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/04/06/14","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/04/06/14"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0991","reference_id":"","reference_type":"","scores":[{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85963","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85833","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85844","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85862","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85865","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85894","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85909","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85906","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85918","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85923","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85914","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85934","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.85944","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0991"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=660422","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=660422"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=667077","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=667077"},{"reference_url":"http://secunia.com/advisories/44002","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44002"},{"reference_url":"http://secunia.com/advisories/44076","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44076"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66626","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66626"},{"reference_url":"https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a"},{"reference_url":"https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c"},{"reference_url":"https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0"},{"reference_url":"http://www.mono-project.com/Vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities"},{"reference_url":"http://www.securityfocus.com/bid/47208","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/47208"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0904","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0904"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0991","reference_id":"CVE-2011-0991","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0991"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931058?format=json","purl":"pkg:deb/debian/mono@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2011-0991"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbuv-pvcj-bucr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59828?format=json","vulnerability_id":"VCID-nssu-1x9p-mudc","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2319","reference_id":"","reference_type":"","scores":[{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75344","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75335","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75205","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75207","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75238","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75216","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75258","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.7529","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75267","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75256","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75295","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75302","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75293","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75328","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75332","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202869","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320"},{"reference_url":"https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10"},{"reference_url":"https://mitls.org/pages/attacks/SMACK#freak","reference_id":"","reference_type":"","scores":[],"url":"https://mitls.org/pages/attacks/SMACK#freak"},{"reference_url":"https://www.debian.org/security/2015/dsa-3202","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2015/dsa-3202"},{"reference_url":"http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/03/17/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/03/17/9"},{"reference_url":"http://www.securityfocus.com/bid/73250","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73250"},{"reference_url":"http://www.ubuntu.com/usn/USN-2547-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2547-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751","reference_id":"780751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2319","reference_id":"CVE-2015-2319","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2319"},{"reference_url":"https://usn.ubuntu.com/2547-1/","reference_id":"USN-2547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2547-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931067?format=json","purl":"pkg:deb/debian/mono@3.2.8%2Bdfsg-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-2319"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nssu-1x9p-mudc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92359?format=json","vulnerability_id":"VCID-nz8p-usaz-8kgt","summary":"Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3382","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52699","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5274","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52767","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52733","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52784","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52778","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52829","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52813","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52796","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52833","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5284","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52824","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52775","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52786","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52747","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52691","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681095","reference_id":"681095","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681095"},{"reference_url":"https://usn.ubuntu.com/1517-1/","reference_id":"USN-1517-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1517-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931065?format=json","purl":"pkg:deb/debian/mono@2.10.8.1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.10.8.1-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2012-3382"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nz8p-usaz-8kgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41676?format=json","vulnerability_id":"VCID-s4yu-1s7d-bufz","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.ximian.com/pipermail/mono-patches/2010-October/177900.html"},{"reference_url":"http://marc.info/?l=oss-security&m=128939873515821&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=oss-security&m=128939873515821&w=2"},{"reference_url":"http://marc.info/?l=oss-security&m=128939912716499&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=oss-security&m=128939912716499&w=2"},{"reference_url":"http://marc.info/?l=oss-security&m=128941802415318&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=oss-security&m=128941802415318&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4159","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27894","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28475","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28516","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28476","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28443","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28369","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28244","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28132","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28053","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4159"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=641915","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=641915"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159"},{"reference_url":"http://secunia.com/advisories/42174","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42174"},{"reference_url":"https://github.com/mono/mono/commit/8e890a3bf80a4620e417814dc14886b1bbd17625","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/8e890a3bf80a4620e417814dc14886b1bbd17625"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:240","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:240"},{"reference_url":"http://www.mono-project.com/Vulnerabilities#Mono_Runtime_Insecure_Native_Library_Loading","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities#Mono_Runtime_Insecure_Native_Library_Loading"},{"reference_url":"http://www.securityfocus.com/bid/44810","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/44810"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3059","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3059"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605097","reference_id":"605097","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605097"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:2.6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:2.6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4159","reference_id":"CVE-2010-4159","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4159"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"},{"reference_url":"https://usn.ubuntu.com/1517-1/","reference_id":"USN-1517-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1517-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931063?format=json","purl":"pkg:deb/debian/mono@2.6.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.6.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2010-4159"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4yu-1s7d-bufz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90739?format=json","vulnerability_id":"VCID-sgsg-b4yc-juh6","summary":"mono: Sys.Web HTTP header injection attack","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3906.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3906","reference_id":"","reference_type":"","scores":[{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92181","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92125","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92133","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92139","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92144","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92155","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92158","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92162","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92163","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92169","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.9217","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92173","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92174","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08111","scoring_system":"epss","scoring_elements":"0.92171","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3906"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=418620","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=418620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3906"},{"reference_url":"http://secunia.com/advisories/31643","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31643"},{"reference_url":"http://secunia.com/advisories/36494","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36494"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44740","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44740"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:210","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:210"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/08/27/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/08/27/6"},{"reference_url":"http://www.securityfocus.com/archive/1/496845/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/496845/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30867","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30867"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2443","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2443"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461752","reference_id":"461752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498894","reference_id":"498894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498894"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3906","reference_id":"CVE-2008-3906","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3906"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32303.txt","reference_id":"CVE-2008-3906;OSVDB-47855","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32303.txt"},{"reference_url":"https://www.securityfocus.com/bid/30867/info","reference_id":"CVE-2008-3906;OSVDB-47855","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/30867/info"},{"reference_url":"https://usn.ubuntu.com/826-1/","reference_id":"USN-826-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/826-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931059?format=json","purl":"pkg:deb/debian/mono@1.9.1%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.9.1%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2008-3906"],"risk_score":7.8,"exploitability":"2.0","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgsg-b4yc-juh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91343?format=json","vulnerability_id":"VCID-t9ck-91tr-nfaw","summary":"Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including \">\" and \"<\".","references":[{"reference_url":"http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml","reference_id":"","reference_type":"","scores":[],"url":"http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml"},{"reference_url":"http://marc.info/?l=bugtraq&m=110867912714913&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=110867912714913&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0509","reference_id":"","reference_type":"","scores":[{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92222","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92165","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92178","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92181","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92193","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92196","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92201","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92202","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92198","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92209","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92211","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92214","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92215","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08187","scoring_system":"epss","scoring_elements":"0.92212","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0509"},{"reference_url":"http://secunia.com/advisories/14325","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/14325"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.0:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0509","reference_id":"CVE-2005-0509","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0509"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931051?format=json","purl":"pkg:deb/debian/mono@1.1.6-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.1.6-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2005-0509"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9ck-91tr-nfaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59830?format=json","vulnerability_id":"VCID-w6qh-dtdh-1bep","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2320","reference_id":"","reference_type":"","scores":[{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89553","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89545","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89478","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89482","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89493","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89494","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.8951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89514","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89519","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89528","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89529","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89526","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04829","scoring_system":"epss","scoring_elements":"0.89541","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202869","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2320"},{"reference_url":"https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b"},{"reference_url":"https://www.debian.org/security/2015/dsa-3202","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2015/dsa-3202"},{"reference_url":"http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/03/17/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/03/17/9"},{"reference_url":"http://www.securityfocus.com/bid/73256","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73256"},{"reference_url":"http://www.ubuntu.com/usn/USN-2547-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2547-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751","reference_id":"780751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono-project:mono:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2320","reference_id":"CVE-2015-2320","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2320"},{"reference_url":"https://usn.ubuntu.com/2547-1/","reference_id":"USN-2547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2547-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931067?format=json","purl":"pkg:deb/debian/mono@3.2.8%2Bdfsg-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-2320"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6qh-dtdh-1bep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49344?format=json","vulnerability_id":"VCID-xhd4-zcc1-gyak","summary":"Mono does not properly sanitize pathnames allowing unauthorized information\n    disclosure.","references":[{"reference_url":"http://fedoranews.org/cms/node/2400","reference_id":"","reference_type":"","scores":[],"url":"http://fedoranews.org/cms/node/2400"},{"reference_url":"http://fedoranews.org/cms/node/2401","reference_id":"","reference_type":"","scores":[],"url":"http://fedoranews.org/cms/node/2401"},{"reference_url":"http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-6104","reference_id":"","reference_type":"","scores":[{"value":"0.15016","scoring_system":"epss","scoring_elements":"0.94601","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94728","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94733","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94743","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94747","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94751","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94771","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94755","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94764","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.94767","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15908","scoring_system":"epss","scoring_elements":"0.9477","published_at":"2026-04-21T12:55:00Z"},{"value":"0.17546","scoring_system":"epss","scoring_elements":"0.95051","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-6104"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104"},{"reference_url":"http://secunia.com/advisories/23432","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23432"},{"reference_url":"http://secunia.com/advisories/23435","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23435"},{"reference_url":"http://secunia.com/advisories/23462","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23462"},{"reference_url":"http://secunia.com/advisories/23597","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23597"},{"reference_url":"http://secunia.com/advisories/23727","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23727"},{"reference_url":"http://secunia.com/advisories/23776","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23776"},{"reference_url":"http://secunia.com/advisories/23779","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23779"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200701-12.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200701-12.xml"},{"reference_url":"http://securityreason.com/securityalert/2082","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/2082"},{"reference_url":"http://securitytracker.com/id?1017430","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1017430"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"},{"reference_url":"http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:234","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"},{"reference_url":"http://www.securityfocus.com/archive/1/454962/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/454962/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/21687","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/21687"},{"reference_url":"http://www.ubuntu.com/usn/usn-397-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-397-1"},{"reference_url":"http://www.vupen.com/english/advisories/2006/5099","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/5099"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2006-6104","reference_id":"CVE-2006-6104","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-6104"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29302.txt","reference_id":"CVE-2006-6104;OSVDB-32391","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29302.txt"},{"reference_url":"https://www.securityfocus.com/bid/21687/info","reference_id":"CVE-2006-6104;OSVDB-32391","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/21687/info"},{"reference_url":"https://security.gentoo.org/glsa/200701-12","reference_id":"GLSA-200701-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200701-12"},{"reference_url":"https://usn.ubuntu.com/397-1/","reference_id":"USN-397-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/397-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931056?format=json","purl":"pkg:deb/debian/mono@1.2.2.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.2.2.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-6104"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhd4-zcc1-gyak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15235?format=json","vulnerability_id":"VCID-xzc1-cy42-2ub4","summary":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nSharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1002208","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6968","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6957","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69549","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69599","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69616","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69638","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69609","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69649","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69658","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69639","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69691","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.697","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69705","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69542","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69554","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1002208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002208"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/issues/232","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/icsharpcode/SharpZipLib/issues/232"},{"reference_url":"https://github.com/icsharpcode/SharpZipLib/wiki/Release-1.0","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/icsharpcode/SharpZipLib/wiki/Release-1.0"},{"reference_url":"https://github.com/snyk/zip-slip-vulnerability","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/snyk/zip-slip-vulnerability"},{"reference_url":"https://snyk.io/research/zip-slip-vulnerability","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://snyk.io/research/zip-slip-vulnerability"},{"reference_url":"https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://snyk.io/vuln/SNYK-DOTNET-SHARPZIPLIB-60247"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1002208","reference_id":"CVE-2018-1002208","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1002208"},{"reference_url":"https://github.com/advisories/GHSA-cqj4-m2pc-v9m5","reference_id":"GHSA-cqj4-m2pc-v9m5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cqj4-m2pc-v9m5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931068?format=json","purl":"pkg:deb/debian/mono@5.18.0.240%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@5.18.0.240%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2018-1002208","GHSA-cqj4-m2pc-v9m5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzc1-cy42-2ub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59289?format=json","vulnerability_id":"VCID-yqu4-jn6n-eug3","summary":"Mono's BigInteger implementation contains a buffer overflow vulnerability\n    that might lead to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5197.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5197","reference_id":"","reference_type":"","scores":[{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84773","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84789","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84808","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.8481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84832","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84838","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84857","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84848","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.8487","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84868","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84894","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.84904","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02337","scoring_system":"epss","scoring_elements":"0.8492","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=367471","reference_id":"367471","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=367471"},{"reference_url":"https://security.gentoo.org/glsa/200711-10","reference_id":"GLSA-200711-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-10"},{"reference_url":"https://usn.ubuntu.com/553-1/","reference_id":"USN-553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/553-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931057?format=json","purl":"pkg:deb/debian/mono@1.2.5.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.2.5.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2007-5197"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqu4-jn6n-eug3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6667?format=json","vulnerability_id":"VCID-z7ht-bq8z-3qgd","summary":"XML signature HMAC truncation authentication bypass\nThis package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0217","reference_id":"","reference_type":"","scores":[{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83541","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83529","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83605","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.8359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83581","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83556","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84512","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84491","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84569","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84495","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84553","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.8455","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84541","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84514","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0217"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=511915","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=511915"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041"},{"reference_url":"https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=47526","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=47526"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=47527","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=47527"},{"reference_url":"https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html"},{"reference_url":"https://marc.info/?l=bugtraq&m=125787273209737&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://marc.info/?l=bugtraq&m=125787273209737&w=2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0217","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0217"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2009-1428.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rhn.redhat.com/errata/RHSA-2009-1428.html"},{"reference_url":"https://svn.apache.org/viewvc?revision=794013&view=revision","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://svn.apache.org/viewvc?revision=794013&view=revision"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=794013","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=794013"},{"reference_url":"https://www.debian.org/security/2010/dsa-1995","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2010/dsa-1995"},{"reference_url":"https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"},{"reference_url":"https://www.kb.cert.org/vuls/id/466161","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.kb.cert.org/vuls/id/466161"},{"reference_url":"https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ"},{"reference_url":"https://www.kb.cert.org/vuls/id/WDON-7TY529","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.kb.cert.org/vuls/id/WDON-7TY529"},{"reference_url":"https://www.mandriva.com/security/advisories?name=MDVSA-2009:209","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mandriva.com/security/advisories?name=MDVSA-2009:209"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html"},{"reference_url":"https://www.redhat.com/support/errata/RHSA-2009-1694.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/support/errata/RHSA-2009-1694.html"},{"reference_url":"https://www.ubuntu.com/usn/USN-903-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.ubuntu.com/usn/USN-903-1"},{"reference_url":"https://www.us-cert.gov/cas/techalerts/TA09-294A.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.us-cert.gov/cas/techalerts/TA09-294A.html"},{"reference_url":"https://www.w3.org/2008/06/xmldsigcore-errata.html#e03","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.w3.org/2008/06/xmldsigcore-errata.html#e03"},{"reference_url":"https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-159B.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-159B.html"},{"reference_url":"https://bugzilla.redhat.com/CVE-2009-0217","reference_id":"CVE-2009-0217","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/CVE-2009-0217"},{"reference_url":"https://github.com/advisories/GHSA-8hfm-837h-hjg5","reference_id":"GHSA-8hfm-837h-hjg5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8hfm-837h-hjg5"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"},{"reference_url":"https://security.gentoo.org/glsa/201408-19","reference_id":"GLSA-201408-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1200","reference_id":"RHSA-2009:1200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1201","reference_id":"RHSA-2009:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1428","reference_id":"RHSA-2009:1428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1636","reference_id":"RHSA-2009:1636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1637","reference_id":"RHSA-2009:1637","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1637"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1649","reference_id":"RHSA-2009:1649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1650","reference_id":"RHSA-2009:1650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0043","reference_id":"RHSA-2010:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0043"},{"reference_url":"https://usn.ubuntu.com/814-1/","reference_id":"USN-814-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/814-1/"},{"reference_url":"https://usn.ubuntu.com/826-1/","reference_id":"USN-826-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/826-1/"},{"reference_url":"https://usn.ubuntu.com/903-1/","reference_id":"USN-903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931060?format=json","purl":"pkg:deb/debian/mono@2.4.2.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.4.2.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"}],"aliases":["CVE-2009-0217","GHSA-8hfm-837h-hjg5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7ht-bq8z-3qgd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"}