Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/931058?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "mono", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.1.6-4", "latest_non_vulnerable_version": "6.14.1+ds2-3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12463?format=api", "vulnerability_id": "VCID-1qhk-r5sq-zqhm", "summary": "Path traversal in SharpZipLib\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the `_baseDirectory` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. fixed this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53243", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53188", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53196", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53204", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53186", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5316", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5317", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53133", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53086", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53137", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5318", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53172", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53082", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53125", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53145", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53138", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32842" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:39Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32842", "reference_id": "CVE-2021-32842", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32842" }, { "reference_url": "https://github.com/advisories/GHSA-mm6g-mmq6-53ff", "reference_id": "GHSA-mm6g-mmq6-53ff", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mm6g-mmq6-53ff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32842", "GHSA-mm6g-mmq6-53ff" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1qhk-r5sq-zqhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/121553?format=api", "vulnerability_id": "VCID-45yu-4es7-wqg6", "summary": "StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57483", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57567", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57589", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57564", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57617", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57636", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57594", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57624", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.5762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57598", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57556", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57576", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57508", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57553", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57616", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57566", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57593", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.5766", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5473" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-5473" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-45yu-4es7-wqg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41681?format=api", "vulnerability_id": "VCID-91z4-znxj-2fds", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78833", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78599", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.7863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78636", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78667", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78671", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78666", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78696", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78704", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78721", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78742", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78765", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78781", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78777", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78794", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0990" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66625" }, { "reference_url": "https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/2f00e4bbb2137130845afb1b2a1e678552fc8e5c" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0990", "reference_id": "CVE-2011-0990", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0990" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0990" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91z4-znxj-2fds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41683?format=api", "vulnerability_id": "VCID-a483-t5eh-pkf5", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0992", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80255", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80021", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80051", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8004", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80096", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.801", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80101", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80102", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.8013", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80136", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80151", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80165", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80186", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80201", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80199", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01346", "scoring_system": "epss", "scoring_elements": "0.80214", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0992" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=678515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=678515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=694933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=694933" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66627" }, { "reference_url": "https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/722f9890f09aadfc37ae479e7d946d5fc5ef7b91" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0992", "reference_id": "CVE-2011-0992", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0992" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" }, { "reference_url": "https://usn.ubuntu.com/2547-1/", "reference_id": "USN-2547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2547-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0992" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a483-t5eh-pkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12451?format=api", "vulnerability_id": "VCID-eadx-224r-vyhs", "summary": "Path traversal in SharpZipLib\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. contains a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59468", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59299", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59349", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59362", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59381", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59347", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59379", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59385", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59366", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59344", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59363", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59348", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59306", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59354", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59412", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.5937", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59397", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59236", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.5931", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59334", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32841" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:36Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32841", "reference_id": "CVE-2021-32841", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32841" }, { "reference_url": "https://github.com/advisories/GHSA-2x7h-96h5-rq84", "reference_id": "GHSA-2x7h-96h5-rq84", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2x7h-96h5-rq84" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32841", "GHSA-2x7h-96h5-rq84" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eadx-224r-vyhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12462?format=api", "vulnerability_id": "VCID-fxh1-kq9x-6bbz", "summary": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nSharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. A TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81576", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81386", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81392", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.8143", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81452", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.8146", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81464", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81482", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81501", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81523", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81519", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81537", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81327", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81336", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81358", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01545", "scoring_system": "epss", "scoring_elements": "0.81357", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32840" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/icsharpcode/SharpZipLib" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc" }, { "reference_url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/" } ], "url": "https://github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:51:52Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32840", "reference_id": "CVE-2021-32840", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32840" }, { "reference_url": "https://github.com/advisories/GHSA-m22m-h4rf-pwq3", "reference_id": "GHSA-m22m-h4rf-pwq3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m22m-h4rf-pwq3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32840", "GHSA-m22m-h4rf-pwq3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxh1-kq9x-6bbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41680?format=api", "vulnerability_id": "VCID-gt2k-srht-4qfe", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76824", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76596", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76599", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76609", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76641", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76659", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76693", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76698", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76686", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76718", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76724", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76736", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76723", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76754", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76772", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.7676", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00973", "scoring_system": "epss", "scoring_elements": "0.76777", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0989" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66624" }, { "reference_url": "https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0989", "reference_id": "CVE-2011-0989", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0989" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0989" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gt2k-srht-4qfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41682?format=api", "vulnerability_id": "VCID-kbuv-pvcj-bucr", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/04/06/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/04/06/14" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.86051", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85833", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85906", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.859", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85923", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85914", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85944", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85963", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85985", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.86003", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.86001", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.86014", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0991" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=660422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=660422" }, { "reference_url": "https://bugzilla.novell.com/show_bug.cgi?id=667077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.novell.com/show_bug.cgi?id=667077" }, { "reference_url": "http://secunia.com/advisories/44002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44002" }, { "reference_url": "http://secunia.com/advisories/44076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44076" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66626" }, { "reference_url": "https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/3f8ee42b8c867d9a4c18c22657840d072cca5c3a" }, { "reference_url": "https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/89d1455a80ef13cddee5d79ec00c06055da3085c" }, { "reference_url": "https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mono/mono/commit/8eb1189099e02372fd45ca1c67230eccf1edddc0" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities" }, { "reference_url": "http://www.securityfocus.com/bid/47208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47208" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0904" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0991", "reference_id": "CVE-2011-0991", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0991" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931058?format=api", "purl": "pkg:deb/debian/mono@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931052?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931050?format=api", "purl": "pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931054?format=api", "purl": "pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931053?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1104238?format=api", "purl": "pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0991" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbuv-pvcj-bucr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@0%3Fdistro=trixie" }