
601 matches found

OSV
added 2025/05/16 1:15 p.m. | 2 views

DEBIAN-CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

CVSS 5.3 | AI score 6.3 | EPSS 0.00758
Exploits: 1 | References: 1
OSV
added 2025/05/16 1:15 p.m. | 0 views

UBUNTU-CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

CVSS 5.3 | AI score 7.4 | EPSS 0.00758
Exploits: 1 | References: 10
Vulnrichment
added 2025/05/16 1:3 p.m. | 7 views

CVE-2025-40907 FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

AI score 7.5 | EPSS 0.00758
Exploits: 1 | References: 6
AlpineLinux
added 2025/05/16 1:3 p.m. | 1 view

CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

CVSS 9.3 | AI score 7.6 | EPSS 0.00758
Exploits: 1 | References: 6
Cvelist
added 2025/05/16 1:3 p.m. | 14 views

CVE-2025-40907 FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

EPSS 0.00758
Exploits: 1 | References: 6
CVE
added 2025/05/16 1:3 p.m. | 69 views

CVE-2025-40907

CVE-2025-40907 affects FCGI 0.44–0.82 with the included fcgi2 library (libfcgi) in Perl-based FCGI; root cause is an integer overflow in ReadParams (fcgiapp.c), leading to a heap-based buffer overflow via crafted nameLen/valueLen. Public advisories indicate fixes across multiple distributions: De...

CVSS 5.3 | AI score 6.9 | EPSS 0.00758
Exploits: 1 | References: 6 | Affected Software: 1
Debian CVE
added 2025/05/16 1:3 p.m. | 8 views

CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

CVSS 5.3 | AI score 6.3 | EPSS 0.00758
Exploits: 1
CNNVD
added 2025/05/16 12:0 a.m. | 1 view

fcgi2 security vulnerability

fcgi2 is a FastCGI Developer's Toolkit from FastCGI-Archives Open Source. A security vulnerability exists in fcgi2 versions 0.44 through 0.82, which stems from an integer overflow in FastCGI that could result in a heap buffer overflow...

CVSS 9.3 | AI score 7.2 | EPSS 0.00758
Exploits: 1 | References: 8
Redos
added 2025/05/15 12:0 a.m. | 10 views

ROS-20250515-09

A vulnerability in the ReadParams function of the FastCGI protocol implementation in the fcgi2 (fcgi) library is related to an integer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending requests containing special...

CVSS 9.3 | AI score 7.3 | EPSS 0.00135
Exploits: 0
RedHat Linux
added 2025/05/13 8:42 a.m. | 4 views

php: PHP-FPM Log Manipulation Vulnerability

A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data...

CVSS 3.3 | AI score 5.6 | EPSS 0.00667
Exploits: 1 | References: 5
OSV
added 2025/05/09 12:42 p.m. | 2 views

OESA-2025-1475 fcgi security update

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs. Security Fixes: FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or...

CVSS 9.3 | AI score 7.3 | EPSS 0.00135
Exploits: 0 | References: 2
Ubuntu
added 2025/05/06 9:58 a.m. | 62 views

USN-7486-1: FastCGI vulnerability

It was discovered that FastCGI incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

CVSS 9.3 | AI score 8 | EPSS 0.00135
Exploits: 0
OSV
added 2025/05/06 9:58 a.m. | 8 views

USN-7486-1 libfcgi vulnerability

It was discovered that FastCGI incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

CVSS 9.3 | AI score 7.3 | EPSS 0.00135
Exploits: 0 | References: 2
Tenable Nessus
added 2025/05/06 12:0 a.m. | 4 views

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : FastCGI vulnerability (USN-7486-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7486-1 advisory. It was discovered that FastCGI incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execu...

CVSS 9.3 | AI score 8.4 | EPSS 0.00135
Exploits: 0 | References: 2
OSV
added 2025/05/05 4:57 a.m. | 2 views

MGASA-2025-0144 Updated fcgi packages fix security vulnerability

FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. CVE-2025-23016...

CVSS 9.3 | AI score 9.7 | EPSS 0.00135
Exploits: 0 | References: 3
Mageia
added 2025/05/05 4:57 a.m. | 33 views

Updated fcgi packages fix security vulnerability

FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. CVE-2025-23016...

CVSS 9.3 | AI score 7.4 | EPSS 0.00135
Exploits: 0 | References: 2
Tenable Nessus
added 2025/05/05 12:0 a.m. | 5 views

FreeBSD : fcgi -- Heap-based buffer overflow via crafted nameLen/valueLen in ReadParams (5f868a5f-2943-11f0-bb22-f02f7432cf97)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5f868a5f-2943-11f0-bb22-f02f7432cf97 advisory. [email protected] reports: FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant...

CVSS 9.3 | AI score 8.3 | EPSS 0.00135
Exploits: 0 | References: 4
BDU FSTEC
added 2025/04/28 12:0 a.m. | 1 view

The vulnerability of the ReadParams function in the implementation of the FastCGI protocol, provided by the fcgi2 library (fcgi), allows a hacker to execute arbitrary code.

The vulnerability of the ReadParams function in the FastCGI protocol implementation of the fcgi2 (fcgi) library is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending requests containing specially crafted values for parameters...

CVSS 10 | AI score 7.6 | EPSS 0.00135
Exploits: 0 | References: 9 | Affected Software: 4
Microsoft CVE
added 2025/04/26 12:0 a.m. | 2 views

FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

...

CVSS 9.3 | AI score 8.5 | EPSS 0.00135
Exploits: 0
Positive Technologies
added 2025/04/13 12:0 a.m. | 3 views

PT-2025-16187

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014; H3C Magic NX30 Pro versions up to V100R014; H3C Magic NX400 versions up to V100R014; H3C Magic R3010 versions up to V100R014; H3C Magic BE18000 versions up to V100R014. Description: A critical issue has been...

CVSS 8.6 | AI score 7.6 | EPSS 0.00488
Exploits: 0 | References: 18