RLSA-2025:8696
- Source
- https://errata.rockylinux.org/RLSA-2025:8696
- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2025:8696.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/RLSA-2025:8696
- Upstream
- Published
- 2025-07-29T13:38:41.630147Z
- Modified
- 2025-07-29T14:03:18.386188Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Important: perl-FCGI:0.78 security update
- Details
-
The perl-FCGI package provides a Perl module for writing FastCGI applications. FastCGI is a more efficient alternative to traditional CGI, as it keeps application processes persistent across multiple requests. This module allows Perl web applications to handle requests faster and with lower resource overhead, making it suitable for high-traffic environments.
Security Fix(es):
- perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library (CVE-2025-40907)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / perl-FCGI
Package
- Name
- perl-FCGI
- Purl
- pkg:rpm/rocky-linux/perl-FCGI?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / perl-FCGI
Package
- Name
- perl-FCGI
- Purl
- pkg:rpm/rocky-linux/perl-FCGI?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / perl-FCGI
Package
- Name
- perl-FCGI
- Purl
- pkg:rpm/rocky-linux/perl-FCGI?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / perl-FCGI
Package
- Name
- perl-FCGI
- Purl
- pkg:rpm/rocky-linux/perl-FCGI?distro=rocky-linux-8&epoch=1