pkg:Debian/chicken

All known vulnerabilities

• CRITICAL9.8CVE-2012-6125Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions.
  from 0, < 4.8.0-1
• CRITICAL9.8CVE-2016-6830chicken - security update
  from 0, < 4.7.0-1+deb7u1
• CRITICAL9.8CVE-2016-6830chicken - security update
  from 0, < 4.12.0-0.2
• HIGH8.8OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0.
  from 0, < 4.8.0.3-1
• HIGH8.1chicken - security update
  from 0, < 4.12.0-0.2
• HIGH8.1chicken - security update
  from 0, < 4.7.0-1+deb7u2
• HIGH7.5Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file d…
  from 0, < 4.8.0.3-1
• HIGH7.5Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic comp…
  from 0, < 4.12.0-0.2
• HIGH7.5Directory traversal vulnerability in Spiffy before 5.4.
  from 0, < 4.10.0-1
• HIGH7.5An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior t…
  from 0, < 4.12.0-0.2
• HIGH7.5The backtrack compilation code in the Irregex package (aka IrRegular Expressions) before 0.9.6 for Scheme allows remote attackers to cause…
  from 0, < 4.12.0-0.2
• HIGH7.5The string-translate* procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service (…
  from 0, < 4.10.0-1
• HIGH7.5The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve() call failed, resulting in a memory lea…
  from 0, < 4.12.0-0.2
• MEDIUM6.5Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."
  from 0, < 4.8.0-1
• MEDIUM5.3A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value.
  from 0, < 4.8.0-1
• —Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a pos…
  from 0, < 4.10.0-1
• —Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc i…
  from 0, < 4.8.0.3-1
• —Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allow…
  from 0, < 4.9.0-1
• —Buffer overflow in the "read-string!" procedure in the "extras" unit in CHICKEN stable before 4.8.0.5 and development snapshots before 4.8.…
  from 0, < 4.8.0.5-1