Chicken@* Security Vulnerabilities and Issues — Chicken@* CVE List

Lucene search

Call-ccChicken*

6 matches found

CVE•added 2019/10/31 9:15 p.m.•85 views

CVE-2013-2075

Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value. NOTE: this issue exists because of an incomplete fix f...

8.8CVSS7.5AI score0.02127EPSS

CVE•added 2019/10/31 9:15 p.m.•83 views

CVE-2012-6123

Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."

6.5CVSS6.3AI score0.00425EPSS

CVE•added 2019/10/31 9:15 p.m.•78 views

CVE-2012-6122

Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value.

7.5CVSS7.8AI score0.02127EPSS

CVE•added 2019/10/31 9:15 p.m.•70 views

CVE-2012-6125

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions.

9.8CVSS8.4AI score0.00635EPSS

CVE•added 2019/10/31 9:15 p.m.•69 views

CVE-2012-6124

A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and is advertised as being unsuitable)."

5.3CVSS5.2AI score0.0042EPSS

CVE•added 2019/10/31 8:15 p.m.•64 views

CVE-2013-2024

OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0.

9CVSS8.9AI score0.03017EPSS