VulnerableCode Package Details - pkg:deb/debian/mono@5.18.0.240%2Bdfsg-3

Search for packages

Package details: pkg:deb/debian/mono@5.18.0.240%2Bdfsg-3

Essentials
History (2)

purl	pkg:deb/debian/mono@5.18.0.240%2Bdfsg-3

Next non-vulnerable version	6.8.0.105+dfsg-3.3~deb11u1
Latest non-vulnerable version	6.8.0.105+dfsg-3.3~deb11u1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-kpej-mch5-jyfr Aliases: CVE-2023-26314	The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.	6.8.0.105+dfsg-3.3~deb11u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-xehh-a5vv-kffu	Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.	CVE-2018-1002208 GHSA-cqj4-m2pc-v9m5

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T19:02:58.514414+00:00	Debian Oval Importer	Affected by	VCID-kpej-mch5-jyfr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:59:15.560366+00:00	Debian Oval Importer	Fixing	VCID-xehh-a5vv-kffu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0