FCGI-0.79

Security Advisories (1)

CVE-2025-40907 (2025-05-16)

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

http://www.openwall.com/lists/oss-security/2025/04/23/4
https://github.com/FastCGI-Archives/fcgi2/issues/67
https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5
https://github.com/perl-catalyst/FCGI/issues/14
https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch
https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library

Changes for version 0.79 - 2019-12-14

Check socket path length in OS_CreateLocalIpcFd() and OS_FcgiConnect() to avoid buffer overrun (Petr Písař, pull request #5)
Fix a memory leak in ProcessManagementRecord() (Petr Písař, pull request #4)

Modules

FCGI

Fast CGI module

Provides

FCGI::Stream

in FCGI.pm

Examples

eg/echo.pl
eg/remote.pl
eg/threaded.pl

Other files

ChangeLog
LICENSE
MANIFEST
META.json
META.yml
Makefile.PL
README

To install FCGI, copy and paste the appropriate command in to your terminal.

cpanm

cpanm FCGI

CPAN shell

perl -MCPAN -e shell
install FCGI

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 0.79 - 2019-12-14

Modules

Provides

Examples

Other files

Module Install Instructions