CVE-2025-40907

CVE-2025-40907 affects FCGI 0.44–0.82 with the included fcgi2 library (libfcgi) in Perl-based FCGI; root cause is an integer overflow in ReadParams (fcgiapp.c), leading to a heap-based buffer overflow via crafted nameLen/valueLen. Public advisories indicate fixes across multiple distributions: De...

CVE-2012-6687

CVE-2012-6687 affects FastCGI (fcgi/libfcgi) 2.4.0, where remote attackers can cause a denial of service (segmentation fault/crash) by opening a large number of connections. The underlying cause is discussed in Mageia MGASA-2016-0089: fcgi does not perform range checks for file descriptors before...