UBUNTU-CVE-2017-11343
- Source
- https://ubuntu.com/security/CVE-2017-11343
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-11343.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-11343
- Related
- Published
- 2017-07-17T13:18:00Z
- Modified
- 2025-01-13T10:21:24Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / chicken
Package
- Name
- chicken
- Purl
- pkg:deb/ubuntu/chicken@4.9.0.1-1?arch=source&distro=esm-apps/xenial
Ubuntu:18.04:LTS / chicken
Package
- Name
- chicken
- Purl
- pkg:deb/ubuntu/chicken@4.12.0-0.3?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.12.0-0.3
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "low",
"binaries": [
{
"binary_name": "chicken-bin",
"binary_version": "4.12.0-0.3"
},
{
"binary_name": "chicken-bin-dbgsym",
"binary_version": "4.12.0-0.3"
},
{
"binary_name": "libchicken-dev",
"binary_version": "4.12.0-0.3"
},
{
"binary_name": "libchicken8",
"binary_version": "4.12.0-0.3"
},
{
"binary_name": "libchicken8-dbgsym",
"binary_version": "4.12.0-0.3"
}
]
}