{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40907", "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "state": "PUBLISHED", "assignerShortName": "CPANSec", "dateReserved": "2025-04-16T09:05:34.360Z", "datePublished": "2025-05-16T13:03:02.774Z", "dateUpdated": "2025-05-16T15:09:00.138Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://cpan.org/modules", "defaultStatus": "unaffected", "packageName": "FCGI", "product": "FCGI", "programFiles": ["libfcgi/fcgiapp.c"], "programRoutines": [{"name": "ReadParams()"}], "repo": "https://github.com/FastCGI-Archives/fcgi2", "vendor": "ETHER", "versions": [{"lessThanOrEqual": "0.82", "status": "affected", "version": "0.44", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Synacktiv"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.<br><br>The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.<br>"}], "value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.\n\nThe included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A proof of concept exploit for the underlying library exists at&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation\">https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation</a>"}], "value": "A proof of concept exploit for the underlying library exists at\u00a0 https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1395", "description": "CWE-1395: Dependency on Vulnerable Third-Party Component", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "shortName": "CPANSec", "dateUpdated": "2025-05-16T13:03:02.774Z"}, "references": [{"tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2025/04/23/4"}, {"tags": ["issue-tracking"], "url": "https://github.com/FastCGI-Archives/fcgi2/issues/67"}, {"tags": ["patch"], "url": "https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5"}, {"tags": ["technical-description"], "url": "https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library"}, {"tags": ["issue-tracking"], "url": "https://github.com/perl-catalyst/FCGI/issues/14"}, {"tags": ["patch"], "url": "https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch"}], "source": {"discovery": "UNKNOWN"}, "title": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Updating to version 2.4.5 of the included fcgi2 library and rebuilding the Perl module will protect against the vulnerability.<br><br>We also recommend limiting potential remote access to the FastCGI socket by declaring it as a UNIX socket.<br><br><br>"}], "value": "Updating to version 2.4.5 of the included fcgi2 library and rebuilding the Perl module will protect against the vulnerability.\n\nWe also recommend limiting potential remote access to the FastCGI socket by declaring it as a UNIX socket."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-16T15:07:46.084885Z", "id": "CVE-2025-40907", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-16T15:09:00.138Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-40907", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-16T15:07:46.084885Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-16T15:08:50.489Z"}}], "cna": {"title": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Synacktiv"}], "affected": [{"repo": "https://github.com/FastCGI-Archives/fcgi2", "vendor": "ETHER", "product": "FCGI", "versions": [{"status": "affected", "version": "0.44", "versionType": "custom", "lessThanOrEqual": "0.82"}], "packageName": "FCGI", "programFiles": ["libfcgi/fcgiapp.c"], "collectionURL": "https://cpan.org/modules", "defaultStatus": "unaffected", "programRoutines": [{"name": "ReadParams()"}]}], "exploits": [{"lang": "en", "value": "A proof of concept exploit for the underlying library exists at\u00a0 https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation", "supportingMedia": [{"type": "text/html", "value": "A proof of concept exploit for the underlying library exists at&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation\">https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation</a>", "base64": false}]}], "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/04/23/4", "tags": ["mailing-list"]}, {"url": "https://github.com/FastCGI-Archives/fcgi2/issues/67", "tags": ["issue-tracking"]}, {"url": "https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5", "tags": ["patch"]}, {"url": "https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library", "tags": ["technical-description"]}, {"url": "https://github.com/perl-catalyst/FCGI/issues/14", "tags": ["issue-tracking"]}, {"url": "https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch", "tags": ["patch"]}], "workarounds": [{"lang": "en", "value": "Updating to version 2.4.5 of the included fcgi2 library and rebuilding the Perl module will protect against the vulnerability.\n\nWe also recommend limiting potential remote access to the FastCGI socket by declaring it as a UNIX socket.", "supportingMedia": [{"type": "text/html", "value": "Updating to version 2.4.5 of the included fcgi2 library and rebuilding the Perl module will protect against the vulnerability.<br><br>We also recommend limiting potential remote access to the FastCGI socket by declaring it as a UNIX socket.<br><br><br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.\n\nThe included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.", "supportingMedia": [{"type": "text/html", "value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.<br><br>The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1395", "description": "CWE-1395: Dependency on Vulnerable Third-Party Component"}]}], "providerMetadata": {"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "shortName": "CPANSec", "dateUpdated": "2025-05-16T13:03:02.774Z"}}}, "cveMetadata": {"cveId": "CVE-2025-40907", "state": "PUBLISHED", "dateUpdated": "2025-05-16T15:09:00.138Z", "dateReserved": "2025-04-16T09:05:34.360Z", "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "datePublished": "2025-05-16T13:03:02.774Z", "assignerShortName": "CPANSec"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.\n\nThe included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c."}], "id": "CVE-2025-40907", "lastModified": "2025-05-16T16:15:41.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-05-16T13:15:52.683", "references": [{"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "http://www.openwall.com/lists/oss-security/2025/04/23/4"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/FastCGI-Archives/fcgi2/issues/67"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/perl-catalyst/FCGI/issues/14"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library"}], "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library", "id": "2366847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366847"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-1395", "details": ["No description is available for this CVE."], "name": "CVE-2025-40907", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "perl-FCGI", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "perl-FCGI:0.78/perl-FCGI", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "perl-FCGI", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-16T13:03:02Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-40907\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-40907\nhttp://www.openwall.com/lists/oss-security/2025/04/23/4\nhttps://github.com/FastCGI-Archives/fcgi2/issues/67\nhttps://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5\nhttps://github.com/perl-catalyst/FCGI/issues/14\nhttps://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch\nhttps://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library"], "threat_severity": "Important"}