CVE-2023-26314
Summary
The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
References
Advisory Timeline
- Published