8.8

CVE-2023-26314

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.98% 0.582
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://bugs.debian.org/972146
Mailing List
Mitigation
https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html
Third Party Advisory
Mailing List
https://www.openwall.com/lists/oss-security/2023/01/05/1
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/05/19/2
http://www.openwall.com/lists/oss-security/2026/05/19/41