{"id":"CVE-2016-6830","details":"The \"process-execute\" and \"process-spawn\" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released).","modified":"2026-03-14T09:20:27.668923Z","published":"2017-01-10T15:59:00.457Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/92550"},{"type":"FIX","url":"http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6830.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.11.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}