Search for packages
| purl | pkg:deb/debian/mono@2.6.7-5.1%2Bdeb6u2 |
| Next non-vulnerable version | 6.8.0.105+dfsg-3.3~deb11u1 |
| Latest non-vulnerable version | 6.8.0.105+dfsg-3.3~deb11u1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4gvf-mcv9-aaab
Aliases: CVE-2015-2320 |
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. |
Affected by 6 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-6qds-tekv-aaaj
Aliases: CVE-2015-2319 |
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. |
Affected by 6 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-9hk3-5wyf-aaae
Aliases: CVE-2023-26314 |
The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter. |
Affected by 0 other vulnerabilities. |
|
VCID-hq4z-qnux-aaag
Aliases: CVE-2009-0689 |
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. |
Affected by 2 other vulnerabilities. |
|
VCID-qs89-w1wn-aaar
Aliases: CVE-2015-2318 |
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. |
Affected by 6 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-rs6r-ugky-aaap
Aliases: CVE-2012-3543 |
mono 2.10.x ASP.NET Web Form Hash collision DoS |
Affected by 6 other vulnerabilities. |
|
VCID-w1m8-n281-aaam
Aliases: CVE-2018-1002208 GHSA-cqj4-m2pc-v9m5 |
SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. |
Affected by 1 other vulnerability. |
|
VCID-x996-zg65-aaam
Aliases: CVE-2012-3382 |
Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message. |
Affected by 6 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:20:20.637009+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T19:07:50.683993+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:59:13.938838+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:23:24.835665+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T17:17:03.140154+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:21:06.744590+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:21:05.947275+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:15:03.475609+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:18:51.548298+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:09:47.616868+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:44:51.606777+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:41:26.359818+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:22:08.543432+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:18:43.684940+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:13:15.621883+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T07:40:25.707222+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | None | 36.1.3 |
| 2025-06-21T01:21:30.496841+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | None | 36.1.3 |
| 2025-06-21T00:58:49.697168+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | None | 36.1.3 |
| 2025-06-20T23:10:13.441030+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | None | 36.1.3 |
| 2025-06-20T23:05:25.252920+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | None | 36.1.3 |
| 2025-06-20T21:44:33.399424+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | None | 36.1.3 |
| 2025-06-20T20:26:40.693450+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | None | 36.1.3 |
| 2025-06-20T19:20:48.182646+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.1.3 |
| 2025-06-08T11:49:04.498665+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:36:53.619220+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:28:34.859790+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:54:08.442601+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:58:17.056251+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:07:16.054033+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:15:16.308406+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:08:51.694211+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:13:24.240815+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:04:36.680355+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:40:11.945177+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:37:22.285765+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:10:00.314410+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:06:33.244344+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T03:00:52.800709+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T01:20:21.109928+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | None | 36.1.0 |
| 2025-06-07T18:44:18.140287+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | None | 36.1.0 |
| 2025-06-07T18:21:14.231183+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | None | 36.1.0 |
| 2025-06-07T16:33:22.123613+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | None | 36.1.0 |
| 2025-06-07T16:28:36.895673+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | None | 36.1.0 |
| 2025-06-07T15:07:32.077749+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | None | 36.1.0 |
| 2025-06-07T14:01:22.950786+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | None | 36.1.0 |
| 2025-06-07T13:20:21.092739+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.1.0 |
| 2025-06-03T13:19:48.304158+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.1.2 |
| 2025-04-12T22:34:17.088050+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:45:24.897102+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:16:02.028234+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:07:54.640527+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:34:03.882738+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:21:26.876671+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:12:48.562033+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:36:38.781888+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T08:30:30.799679+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:39:04.201085+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:46:56.288735+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:40:51.633819+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:45:36.310125+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:36:36.827475+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:11:52.046321+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:08:55.915665+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T01:37:20.820679+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:33:46.812907+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:27:58.976660+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T23:53:05.031576+00:00 | Debian Oval Importer | Affected by | VCID-9hk3-5wyf-aaae | None | 36.0.0 |
| 2025-04-07T17:22:07.747922+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | None | 36.0.0 |
| 2025-04-07T16:58:50.620245+00:00 | Debian Oval Importer | Affected by | VCID-6qds-tekv-aaaj | None | 36.0.0 |
| 2025-04-07T15:05:27.495988+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | None | 36.0.0 |
| 2025-04-07T15:00:30.542690+00:00 | Debian Oval Importer | Affected by | VCID-w1m8-n281-aaam | None | 36.0.0 |
| 2025-04-07T13:39:16.448487+00:00 | Debian Oval Importer | Affected by | VCID-4gvf-mcv9-aaab | None | 36.0.0 |
| 2025-04-07T12:35:40.156127+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | None | 36.0.0 |
| 2025-04-07T11:55:53.637353+00:00 | Debian Oval Importer | Affected by | VCID-qs89-w1wn-aaar | None | 36.0.0 |
| 2024-11-29T05:09:28.084556+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-29T03:01:22.952722+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-27T01:20:54.500516+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T12:04:51.428896+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T10:30:24.267474+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-12T23:28:17.257202+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T09:17:13.396730+00:00 | Debian Oval Importer | Affected by | VCID-rs6r-ugky-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T08:33:35.432650+00:00 | Debian Oval Importer | Affected by | VCID-x996-zg65-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T18:27:20.990535+00:00 | Debian Oval Importer | Affected by | VCID-hq4z-qnux-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |