"perl-FCGI":"0.78" perl-FCGI-0.78-12.module+el8+1885+5bf0295f

The perl-FCGI package provides a Perl module for writing FastCGI applications.
FastCGI is a more efficient alternative to traditional CGI, as it keeps
application processes persistent across multiple requests. This module allows
Perl web applications to handle requests faster and with lower resource
overhead, making it suitable for high-traffic environments.

Security Fix(es):

* perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable
version of the FastCGI fcgi2 (aka fcgi) library (CVE-2025-40907)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2025-40907
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the
FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by
CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer
overflow) via crafted nameLen or valueLen values in data to the IPC socket. This
occurs in ReadParams in fcgiapp.c.

Modularity name: "perl-FCGI"
Stream name: "0.78"