Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mono
(Mono\-Project)| Repositories | https://github.com/mono/mono |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-22 | CVE-2023-26314 | The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter. | Debian_linux, Mono | 8.8 | ||
| 2019-11-21 | CVE-2012-3543 | mono 2.10.x ASP.NET Web Form Hash collision DoS | Ubuntu_linux, Debian_linux, Mono | N/A | ||
| 2018-01-08 | CVE-2015-2320 | The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. | Debian_linux, Mono | 9.8 | ||
| 2018-01-08 | CVE-2015-2319 | The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. | Mono | 7.5 | ||
| 2018-01-08 | CVE-2015-2318 | The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. | Debian_linux, Mono | 8.1 |