Lucene search
K
EsIperf3

8 matches found

CVE
CVE
added 2023/07/17 12:0 a.m.276 views

CVE-2023-38403

CVE-2023-38403 affects iperf3 builds prior to 3.14 (versions < 3.14). The vulnerability arises from a memory/length handling issue that can cause an integer overflow and heap corruption, with the potential for crash or arbitrary code execution as described in the reports. Exploitation status i...

7.5CVSS7.6AI score0.01703EPSS
CVE
CVE
added 2016/09/26 2:0 p.m.213 views

CVE-2016-4303

CVE-2016-4303 affects iperf/iperf3 and the cJSON-UTF8/UTF-16 parsing path; the vulnerability allows denial of service or arbitrary code execution via a crafted JSON string that triggers a heap-based buffer overflow. The connected docs confirm downstream patches: upstream releases addressed the is...

9.8CVSS9.5AI score0.06963EPSS
CVE
CVE
added 2024/12/18 12:0 a.m.159 views

CVE-2024-53580

CVE-2024-53580 affects iperf3, with a segmentation fault triggered in iperf_exchange_parameters() in version 3.17.1. Public sources indicate the issue impacts iperf3 and is addressed in the 3.18 line (e.g., patches and advisories across Linux distributions such as Debian LTS, Amazon Linux ALAS/AL...

7.5CVSS7.4AI score0.00908EPSS
CVE
CVE
added 2024/03/18 12:21 p.m.142 views

CVE-2023-7250

CVE-2023-7250 affects iperf/iperf3: a misbehaving client that sends less data than expected can cause the iperf3 server to hang waiting for the remainder, denying service to other connections. Affected projects and notes from connected sources confirm the vulnerability in iperf3 when used as a se...

5.3CVSS5.1AI score0.00932EPSS
CVE
CVE
added 2025/08/03 12:0 a.m.92 views

CVE-2025-54349

CVE-2025-54349 affects iperf3 prior to version 3.19.1, caused by an off-by-one in iperf_auth.c leading to a heap-based buffer overflow. Connected advisories confirm a patch was released with iperf3-3.19.1 (and related debian/alma/linux advisories reference the fix). Affected product is iperf3; ro...

10CVSS6.6AI score0.00381EPSS
CVE
CVE
added 2024/05/13 12:0 a.m.91 views

CVE-2024-26306

CVE-2024-26306 concerns iperf3 prior to 3.17 when used as a server with RSA authentication under OpenSSL prior to 3.2.0. A timing side-channel exists in the RSA decryption operation, potentially enabling an attacker to recover credential plaintext after sending a large number of trial messages, d...

5.9CVSS6.5AI score0.01107EPSS
CVE
CVE
added 2025/08/03 12:0 a.m.54 views

CVE-2025-54351

In iperf before 3.19.1, net.c is vulnerable to a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv). Affected products are iperf 3.19 and older. The issue is addressed in iperf 3.19.1, with advisories and patches published by multiple vendors (e.g., openSUSE/SUSE SUSE-SU-2025:027...

10CVSS6.9AI score0.004EPSS
CVE
CVE
added 2025/08/03 12:0 a.m.49 views

CVE-2025-54350

CVE-2025-54350 affects iperf/iperf3 prior to version 3.19.1. The issue is an assertion failure in iperf_auth.c during a malformed authentication attempt, caused by a Base64Decode error, which can cause the application to exit. Several connected advisories confirm the impact and the fix version: p...

5.3CVSS6.7AI score0.00398EPSS