Vulnerabilities > Mono Project > Mono > 2.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-08 | CVE-2015-2320 | Improper Certificate Validation vulnerability in multiple products The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. | 9.8 |
2018-01-08 | CVE-2015-2319 | Improper Certificate Validation vulnerability in Mono-Project Mono The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. | 7.5 |
2018-01-08 | CVE-2015-2318 | Improper Certificate Validation vulnerability in multiple products The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. | 8.1 |