CVE-2017-9334

HIGH7.5EPSS 0.43%

Published: 6/1/2017Modified: 4/28/2026

Description

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it.

Affected packages (1)

Debian/chickenfrom 0, < 4.12.0-0.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-9334