CVE-2017-11343

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-11343

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11343.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-11343

Related

UBUNTU-CVE-2017-11343

Published

2017-07-17T13:18:20Z

Modified

2024-11-21T03:07:36Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.

References

Affected packages

Debian:11 / chicken

Package

Name: chicken
Purl: pkg:deb/debian/chicken?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.0-0.2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / chicken

Package

Name: chicken
Purl: pkg:deb/debian/chicken?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.0-0.2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / chicken

Package

Name: chicken
Purl: pkg:deb/debian/chicken?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.0-0.2

Ecosystem specific

{
    "urgency": "not yet assigned"
}