Vendor
FastCGI Archives
Products
4
CVEs
3
Across products
4
Status
Private
Products
4- 2 CVEs
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-23016 | Cri | 0.53 | 9.3 | 0.01 | Jan 10, 2025 | FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. | ||
| CVE-2011-2766 | 0.01 | — | 0.07 | Sep 23, 2011 | The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. | |||
| CVE-2012-6687 | 0.00 | — | 0.06 | Feb 19, 2015 | FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections. |
- risk 0.53cvss 9.3epss 0.01
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
- CVE-2011-2766Sep 23, 2011risk 0.01cvss —epss 0.07
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
- CVE-2012-6687Feb 19, 2015risk 0.00cvss —epss 0.06
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections.