Search for packages
| purl | pkg:deb/debian/mono@2.10.8.1-8%2Bdeb7u1 |
| Next non-vulnerable version | 6.8.0.105+dfsg-3.3~deb11u1 |
| Latest non-vulnerable version | 6.8.0.105+dfsg-3.3~deb11u1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4gvf-mcv9-aaab
Aliases: CVE-2015-2320 |
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. |
Affected by 3 other vulnerabilities. |
|
VCID-6qds-tekv-aaaj
Aliases: CVE-2015-2319 |
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. |
Affected by 3 other vulnerabilities. |
|
VCID-9hk3-5wyf-aaae
Aliases: CVE-2023-26314 |
The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter. |
Affected by 0 other vulnerabilities. |
|
VCID-hq4z-qnux-aaag
Aliases: CVE-2009-0689 |
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. |
Affected by 2 other vulnerabilities. |
|
VCID-qs89-w1wn-aaar
Aliases: CVE-2015-2318 |
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. |
Affected by 3 other vulnerabilities. |
|
VCID-w1m8-n281-aaam
Aliases: CVE-2018-1002208 GHSA-cqj4-m2pc-v9m5 |
SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4gvf-mcv9-aaab | The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. |
CVE-2015-2320
|
| VCID-6qds-tekv-aaaj | The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. |
CVE-2015-2319
|
| VCID-qs89-w1wn-aaar | The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. |
CVE-2015-2318
|
| VCID-rs6r-ugky-aaap | mono 2.10.x ASP.NET Web Form Hash collision DoS |
CVE-2012-3543
|
| VCID-x996-zg65-aaam | Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message. |
CVE-2012-3382
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:20:20.638791+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T19:07:50.685838+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:59:13.941365+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:23:24.837672+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T17:17:03.144157+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:21:06.746418+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:21:05.949308+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:15:03.477993+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:18:51.550466+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:09:47.618868+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:44:51.608956+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:41:26.361653+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:22:08.545462+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:18:43.686834+00:00 | Debian Oval Importer | Fixing | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:13:15.623829+00:00 | Debian Oval Importer | Fixing | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T07:40:25.709334+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | None | 36.1.3 |
| 2025-06-21T01:21:30.498680+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | None | 36.1.3 |
| 2025-06-21T00:58:49.698962+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | None | 36.1.3 |
| 2025-06-20T23:18:48.498902+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.1.3 |
| 2025-06-20T23:10:13.442864+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | None | 36.1.3 |
| 2025-06-20T23:05:25.254839+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | None | 36.1.3 |
| 2025-06-20T21:44:33.401737+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | None | 36.1.3 |
| 2025-06-20T20:26:40.695435+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | None | 36.1.3 |
| 2025-06-20T19:20:48.184951+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | None | 36.1.3 |
| 2025-06-08T11:49:04.500525+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:36:53.621023+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:28:34.861384+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:54:08.444265+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:58:17.058117+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:07:16.055756+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:15:16.309940+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:08:51.696018+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:13:24.242314+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:04:36.681983+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:40:11.946982+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:37:22.287276+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:10:00.315988+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:06:33.245887+00:00 | Debian Oval Importer | Fixing | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:00:52.802491+00:00 | Debian Oval Importer | Fixing | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T01:20:21.111643+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | None | 36.1.0 |
| 2025-06-07T18:44:18.141855+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | None | 36.1.0 |
| 2025-06-07T18:21:14.233846+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | None | 36.1.0 |
| 2025-06-07T16:41:47.816575+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.1.0 |
| 2025-06-07T16:33:22.125125+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | None | 36.1.0 |
| 2025-06-07T16:28:36.897164+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | None | 36.1.0 |
| 2025-06-07T15:07:32.079229+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | None | 36.1.0 |
| 2025-06-07T14:01:22.952699+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | None | 36.1.0 |
| 2025-06-07T13:20:21.094676+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | None | 36.1.0 |
| 2025-06-03T13:19:48.306138+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | None | 36.1.2 |
| 2025-04-12T22:34:17.092918+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:24.902082+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:16:02.034041+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:07:54.645441+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:34:03.887592+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:21:26.881791+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:12:48.567057+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:36:38.786763+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T08:30:30.804587+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:39:04.206060+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:46:56.293747+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:40:51.638889+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:45:36.315007+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:36:36.832739+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:11:52.051166+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:08:55.920560+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T01:37:20.825786+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:33:46.818876+00:00 | Debian Oval Importer | Fixing | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:27:58.982158+00:00 | Debian Oval Importer | Fixing | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T23:53:05.036956+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | None | 36.0.0 |
| 2025-04-07T17:22:07.752761+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | None | 36.0.0 |
| 2025-04-07T16:58:50.625794+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | None | 36.0.0 |
| 2025-04-07T15:14:13.114998+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.0.0 |
| 2025-04-07T15:05:27.500579+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | None | 36.0.0 |
| 2025-04-07T15:00:30.548228+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | None | 36.0.0 |
| 2025-04-07T13:39:16.454017+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | None | 36.0.0 |
| 2025-04-07T12:35:40.160897+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | None | 36.0.0 |
| 2025-04-07T11:55:53.642776+00:00 | Debian Oval Importer | Fixing | VCID-qs89-w1wn-aaar | None | 36.0.0 |
| 2024-11-29T05:09:28.089397+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-29T03:01:22.957836+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-27T01:20:54.505517+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T12:04:51.433787+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T10:30:24.272256+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-12T23:28:17.262307+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T09:17:13.402097+00:00 | Debian Oval Importer | Fixing | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T08:33:35.437940+00:00 | Debian Oval Importer | Fixing | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T18:27:20.996986+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |