VYPR

Tailscale

by Tailscale

Source repositories

CVEs (3)

  • CVE-2022-41925HigNov 23, 2022
    risk 0.57cvss 8.8epss 0.01

    A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled…

  • CVE-2022-41924CriNov 23, 2022
    risk 0.56cvss 9.6epss 0.02

    A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and…

  • CVE-2023-28436MedMar 23, 2023
    risk 0.30cvss 5.7epss 0.00

    Tailscale is software for using Wireguard and multi-factor authentication (MFA). A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than…