CVE-2017-11343

Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.
Configurations

Configuration 1 (hide)

cpe:2.3:a:call-cc:chicken:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:07

Type Values Removed Values Added
References () http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html - Vendor Advisory () http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html - Vendor Advisory

Information

Published : 2017-07-17 13:18

Updated : 2024-11-21 03:07


NVD link : CVE-2017-11343

Mitre link : CVE-2017-11343

CVE.ORG link : CVE-2017-11343


JSON object : View

Products Affected

call-cc

  • chicken
CWE
CWE-407

Inefficient Algorithmic Complexity