iperf
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53580 | Hig | 0.49 | 7.5 | 0.01 | Dec 18, 2024 | iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. | ||
| CVE-2024-26306 | Med | 0.38 | 5.9 | 0.01 | May 14, 2024 | iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large… | ||
| CVE-2023-7250 | Med | 0.35 | 5.3 | 0.01 | Mar 18, 2024 | A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or… | ||
| CVE-2023-38403 | Hig | 0.00 | 7.5 | 0.02 | Jul 17, 2023 | iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. |
- risk 0.49cvss 7.5epss 0.01
iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.
- risk 0.38cvss 5.9epss 0.01
iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large…
- risk 0.35cvss 5.3epss 0.01
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or…
- risk 0.00cvss 7.5epss 0.02
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.