Apache: >> Mod Fcgid >> 2.3.6 Security Vulnerabilities
A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.
CVSS Score
8.8
EPSS Score
0.008
Published
2019-12-03
Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.
CVSS Score
7.5
EPSS Score
0.067
Published
2013-10-17
fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
CVSS Score
5.0
EPSS Score
0.097
Published
2012-03-19