pkg:Debian/mono

All known vulnerabilities

• CRITICAL9.8CVE-2015-2320The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.
  from 0, < 3.2.8+dfsg-10
• HIGH8.8CVE-2023-26314mono - security update
  from 0, < 5.18.0.240+dfsg-3+deb10u1
• HIGH8.8CVE-2023-26314mono - security update
  from 0, < 6.8.0.105+dfsg-3.3~deb11u1
• HIGH8.1mono - security update
  from 0, < 2.10.8.1-8+deb7u1
• HIGH8.1mono - security update
  from 0, < 3.2.8+dfsg-10
• HIGH8.1mono - security update
  from 0, < 2.6.7-5.1+deb6u1
• HIGH7.5mono 2.10.x ASP.NET Web Form Hash collision DoS
  from 0, < 2.10.8.1-7
• HIGH7.5The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via craf…
  from 0, < 3.2.8+dfsg-10
• MEDIUM5.5Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
  from 0, < 5.18.0.240+dfsg-1
• —Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
  from 0, < 2.4.4~svn151842-3
• —openoffice.org - several vulnerabilities
  from 0, < 2.4.2.3+dfsg-1
• —mono - missing input sanitising
  from 0, < 2.6.7-5.1
• —mono - missing input sanitising
  from 0, < 2.10.8.1-5
• —Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .…
  from 0, < 2.6.7-5
• —Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse s…
  from 0, < 2.6.7-4
• —kdelibs - arbitrary code execution
  from 0, < 3.2.8+dfsg-10+deb8u1
• —kdelibs - arbitrary code execution
  from 0, < 4.2.1.102+dfsg2-4
• —kdelibs - arbitrary code execution
  from 0, < 2.6.7-5.1+deb6u2
• —CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP r…
  from 0, < 1.9.1+dfsg-4
• —Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject…
  from 0, < 1.9.1+dfsg-4
• —mono - integer overflow
  from 0, < 1.2.5.1-2
• —mono - integer overflow
  from 0, < 1.2.5.1-1+lenny1
• —mono - integer overflow
  from 0, < 1.2.2.1-1etch1
• —The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote at…
  from 0, < 1.2.2.1-1
• —The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite…
  from 0, < 1.1.17.1-5
• —Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arb…
  from 0, < 1.1.6-4