CVE-2025-23016

Published Jan 10, 2025

Last updated a month ago

Overview

Description: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.3
Impact score: 6
Exploitability score: 2.5
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

cve@mitre.org
CWE-190

Social media

Hype score: Not currently trending

  1. CVE-2025-23016 (CVSS:9.3, CRITICAL) is Awaiting Analysis. FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafte..https://t.co/yI8EQ6nnJB #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot, 15 Jan 2025 (7 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)

  2. CVE Alert: CVE-2025-23016 - https://t.co/jvPS530fTg #OSINT #ThreatIntel #CyberSecurity #cve_2025_23016

    @RedPacketSec, 11 Jan 2025 (84 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)

  3. CVE-2025-23016 Integer Overflow Leading to Heap Buffer Overflow in FastCGI 2.4.4 FastCGI fcgi2 (version 2.x up to 2.4.4) has an integer overflow vulnerability. This leads to a heap-based buffer overflow. The issu... https://t.co/BgKzFkU0BP

    @VulmonFeeds, 10 Jan 2025 (39 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)

  4. New post from https://t.co/uXvPWJy6tj (CVE-2025-23016 | FastCGI fcgi2 up to 2.4.4 fcgiapp.c nameLen/valueLen integer overflow (Issue 67)) has been published on https://t.co/GP4T7hTBYr

    @WolfgangSesin, 10 Jan 2025 (18 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)

  5. [CVE-2025-23016: CRITICAL] FastCGI fcgi2 2.x through 2.4.4 has a critical vulnerability allowing an overflow attack via manipulated values in data to the IPC socket. #cybersecurity#cybersecurity,#vulnerability https://t.co/7BDS4JMCbS https://t.co/ooLq6ZaHuh

    @CveFindCom, 10 Jan 2025 (41 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)

  6. CVE-2025-23016 FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IP… https://t.co/65YDTcNLq7

    @CVEnew, 10 Jan 2025 (450 Impressions, 1 Retweet, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)