rpm package
opensuse/tinc&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/tinc&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16758 | — | < 1.0.36-1.9 | 1.0.36-1.9 | Oct 10, 2018 | Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. | ||
| CVE-2018-16737 | — | < 1.0.36-1.9 | 1.0.36-1.9 | Oct 10, 2018 | tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. |
- CVE-2018-16758Oct 10, 2018affected < 1.0.36-1.9fixed 1.0.36-1.9
Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets.
- CVE-2018-16737Oct 10, 2018affected < 1.0.36-1.9fixed 1.0.36-1.9
tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation.