199 matches found
SUSE SLES15 Security Update : haproxy (SUSE-SU-2026:2652-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2652-1 advisory. This update for haproxy fixes the following issues - CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that...
SUSE-SU-2026:2651-1 Security update for haproxy
This update for haproxy fixes the following issues - CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. - CVE-2026-55204: null pointer dereference vulnerability in hpackdhtinsert within...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : HAProxy vulnerabilities (USN-8459-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8459-1 advisory. It was discovered that HAProxy incorrectly handled the FCGI demultiplexer record length field. A remote attacker could...
USN-8459-1: HAProxy vulnerabilities
It was discovered that HAProxy incorrectly handled the FCGI demultiplexer record length field. A remote attacker could possibly use this issue to cause incorrect request routing, response smuggling, or other memory safety issues. CVE-2026-55203 It was discovered that HAProxy failed to validate th...
CVE-2026-55203
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...
CVE-2026-55203 HAProxy - Integer Overflow in FCGI Demux Record Length Field
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...
MiracleLinux 8 : perl-FCGI:0.78 (AXSA:2025-10019:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10019:01 advisory. perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library CVE-2025-40907 Tenable has extracte...
MiracleLinux 8 : perl-FCGI:0.78 (AXSA:2025-10020:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10020:01 advisory. perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library CVE-2025-40907 Tenable has extracte...
MiracleLinux 9 : perl-FCGI-0.79-8.1.el9_6 (AXSA:2025-10601:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10601:01 advisory. perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library CVE-2025-40907 Tenable has extracte...
MiracleLinux 8 : perl-FCGI:0.78 (AXSA:2025-10018:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10018:01 advisory. perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library CVE-2025-40907 Tenable has extracte...
[SECURITY] Fedora 41 Update: fcgi-2.4.7-1.fc41
FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...
Fedora 42 : fcgi (2025-d7c1457e7e)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d7c1457e7e advisory. 2.4.7 release, fixes CVE-2025-23016 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...
Fedora: Security Advisory (FEDORA-2025-93042e260c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-67511a59e3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-d7c1457e7e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2025-1764321881 perl-FCGI: Fix of CVE-2025-40907
CVE-2025-40907: fix integer overflow and heap-based buffer overflow in fcgi2 library...
TencentOS Server 4: perl-FCGI (TSSA-2025:0476)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0476 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: fcgi (TSSA-2025:0422)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0422 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
AlmaLinux 10 : perl-FCGI (ALSA-2025:8636)
The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:8636 advisory. perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library CVE-2025-40907 Tenable has extracted the...
EUVD-2011-2740
Malware in sbrugna...