CVE-2025-40907 in FCGIИнформация

Сводка

по MITRE • 16.05.2025

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.

The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

CPANSec

Резервировать

16.04.2025

Раскрытие

16.05.2025

Модерация

принято

Вход

VDB-309290

CPE

готов

CWE

CWE-1395 (Подтверждённый)

Эксплойт

Скачать

CVSS

5.5 (VulDB)

EPSS

0.00758

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-40907
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-40907
CVE Details	https://www.cvedetails.com/cve/CVE-2025-40907/

◂ Предыдущий Обзор Далее ▸

Interested in the pricing of exploits?

See the underground prices here!