What is GHSA-796j-2mh8-qff6?

GHSA-796j-2mh8-qff6 is a security advisory published by GitHub Security Advisories with High severity. The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the...

Which CVE IDs does GHSA-796j-2mh8-qff6 cover?

GHSA-796j-2mh8-qff6 covers the following CVE IDs: CVE-2023-26314. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-796j-2mh8-qff6?

GHSA-796j-2mh8-qff6 has a CVSS v3 base score of 8.8, published by GitHub Security Advisories.

GHSA-796j-2mh8-qff6HighCVSS 8.8

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the...

Vendor

GitHub Security Advisories

Published

February 22, 2023

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2023-26314 →

📋 Description

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2023-26314
https://bugs.debian.org/972146
https://www.openwall.com/lists/oss-security/2023/01/05/1
https://lists.debian.org/debian-lts-announce/2023/02/msg00037.html
http://www.openwall.com/lists/oss-security/2026/05/19/2
http://www.openwall.com/lists/oss-security/2026/05/19/41
https://github.com/advisories/GHSA-796j-2mh8-qff6