tailscale.com

Go3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting tailscale.compage 1 of 1

CVE-2022-41924CRITICALCVSS 9.6EG 9.6✓ Fixed in 1.32.3
2022-11-23
A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bou…
CVE-2022-41925HIGHCVSS 8.8EG 8.8✓ Fixed in 1.32.3
2022-11-23
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. …
CVE-2023-28436MEDIUMCVSS 5.7EG 5.7✓ Fixed in 1.38.2
2023-03-23
Tailscale is software for using Wireguard and multi-factor authentication (MFA). A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows commands to be run…

Check whether tailscale.com is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for tailscale.com CVEs against the assets you own.

Start Free Scan →