Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Call-cc Subscribe
Filtered by product Chicken

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-6123 2 Call-cc, Debian 2 Chicken, Debian Linux 2019-11-08 5.0 MEDIUM 6.5 MEDIUM
Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."
CVE-2012-6124 1 Call-cc 1 Chicken 2019-11-06 5.0 MEDIUM 5.3 MEDIUM
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and is advertised as being unsuitable)."