Search CVE reports
1 – 4 of 4 results
CVE-2024-26306
Medium priorityiPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential...
1 affected packages
iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| iperf3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-7250
Medium priorityA flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to...
1 affected packages
iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| iperf3 | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-38403
Medium prioritySome fixes available 5 of 9
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
1 affected packages
iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| iperf3 | Needs evaluation | Fixed | Fixed | Fixed | Fixed |
CVE-2016-4303
Medium prioritySome fixes available 1 of 5
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which...
2 affected packages
iperf, iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| iperf | — | Not affected | Not affected | Not affected | Not affected |
| iperf3 | — | Not affected | Not affected | Not affected | Fixed |