[Git][security-tracker-team/security-tracker][master] Add new iperf3 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Aug 3 09:23:40 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8dfa56f3 by Salvatore Bonaccorso at 2025-08-03T10:23:12+02:00
Add new iperf3 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,11 +27,17 @@ CVE-2025-8493 (A vulnerability classified as critical was found in code-projects
 CVE-2025-54955 (OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition  ...)
 	- opennebula <removed>
 CVE-2025-54351 (In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-cop ...)
-	TODO: check
+	- iperf3 <unfixed>
+	NOTE: https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0 (master)
+	NOTE: https://github.com/esnet/iperf/commit/c9af85a384859365b7184be173da4876437aaf40 (3.19.1)
 CVE-2025-54350 (In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion fail ...)
-	TODO: check
+	- iperf3 <unfixed>
+	NOTE: https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a (master)
+	NOTE: https://github.com/esnet/iperf/commit/de932ea16bc959f839d28d370f0602de52c5def1 (3.19.1)
 CVE-2025-54349 (In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resul ...)
-	TODO: check
+	- iperf3 <unfixed>
+	NOTE: https://github.com/esnet/iperf/commit/4e5313bab0b9b3fe03513ab54f722c8a3e4b7bdf (master)
+	NOTE: https://github.com/esnet/iperf/commit/42280d2292ed5f213bfcb33b2206ebcdb151ae66 (3.19.1)
 CVE-2025-52133 (The Mocca Calendar application before 2.15 for XWiki allows XSS via a  ...)
 	NOT-FOR-US: XWiki
 CVE-2025-52132 (The Mocca Calendar application before 2.15 for XWiki allows XSS via a  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dfa56f3db3dd39b64f7f5eec58cce781c9fb312

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dfa56f3db3dd39b64f7f5eec58cce781c9fb312
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250803/4bb3e76a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list