In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
2024-12-05T20:15:21.577
2025-09-23T12:22:43.550
Analyzed
9119a7d8-5eab-497f-8521-727c672e3725
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | openbsd | openbsd | < 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.3 | Yes |
| Operating System | openbsd | openbsd | 7.4 | Yes |
| Operating System | openbsd | openbsd | 7.4 | Yes |
| Operating System | openbsd | openbsd | 7.4 | Yes |
| Operating System | openbsd | openbsd | 7.4 | Yes |
| Operating System | openbsd | openbsd | 7.4 | Yes |
| Operating System | openbsd | openbsd | 7.4 | Yes |