Vulnerabilities > Call CC > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-10 | CVE-2022-45145 | OS Command Injection vulnerability in Call-Cc Chicken egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file. | 9.8 |
| 2019-11-22 | CVE-2014-6310 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | 9.8 |
| 2019-10-31 | CVE-2012-6125 | Improper Input Validation vulnerability in Call-Cc Chicken Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. | 9.8 |
| 2017-01-10 | CVE-2016-6830 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Call-Cc Chicken The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. | 9.8 |