rpm package
suse/FastCGI&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
pkg:rpm/suse/FastCGI&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-23016 | Cri | 9.3 | < 2.4.0-150000.4.3.1 | 2.4.0-150000.4.3.1 | Jan 10, 2025 | FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. |
- affected < 2.4.0-150000.4.3.1fixed 2.4.0-150000.4.3.1
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.