FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-29 17:22:06 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1b15a554-c981-11ed-bb39-901b0e9408dc	tailscale -- security vulnerability in Tailscale SSH Tailscale team reports: A vulnerability identified in the implementation of Tailscale SSH in FreeBSD allowed commands to be run with a higher privilege group ID than that specified by Tailscale SSH access rules. Discovery 2023-03-22 Entry 2023-03-23 tailscale < 1.38.2 CVE-2023-28436 https://tailscale.com/security-bulletins/#ts-2023-003
e0f26ac5-6a17-11ed-93e7-901b0e9408dc	tailscale -- Security vulnerability in the client Tailscale team reports: A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. Discovery 2022-11-21 Entry 2022-11-22 tailscale < 1.32.3 CVE-2022-41925 https://tailscale.com/security-bulletins/#ts-2022-005
ee6936da-0ddd-11ef-9c21-901b0e9408dc	tailscale -- Insufficient inbound packet filtering in subnet routers and exit nodes Tailscale team reports: In Tailscale versions earlier than 1.66.0, exit nodes, subnet routers, and app connectors, could allow inbound connections to other tailnet nodes from their local area network (LAN). This vulnerability only affects Linux exit nodes, subnet routers, and app connectors in tailnets where ACLs allow "src": "*", such as with default ACLs. Discovery 2024-05-08 Entry 2024-05-09 tailscale < 1.66.0 https://tailscale.com/security-bulletins#ts-2024-005

VuXML ID

Description

1b15a554-c981-11ed-bb39-901b0e9408dc

tailscale -- security vulnerability in Tailscale SSH

Tailscale team reports:

A vulnerability identified in the implementation of Tailscale SSH in FreeBSD allowed commands to be run with a higher privilege group ID than that specified by Tailscale SSH access rules.

Discovery 2023-03-22
Entry 2023-03-23
tailscale

< 1.38.2

CVE-2023-28436
https://tailscale.com/security-bulletins/#ts-2023-003

e0f26ac5-6a17-11ed-93e7-901b0e9408dc

tailscale -- Security vulnerability in the client

Tailscale team reports:

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables.

Discovery 2022-11-21
Entry 2022-11-22
tailscale

< 1.32.3

CVE-2022-41925
https://tailscale.com/security-bulletins/#ts-2022-005

ee6936da-0ddd-11ef-9c21-901b0e9408dc

tailscale -- Insufficient inbound packet filtering in subnet routers and exit nodes

Tailscale team reports:

In Tailscale versions earlier than 1.66.0, exit nodes, subnet routers, and app connectors, could allow inbound connections to other tailnet nodes from their local area network (LAN). This vulnerability only affects Linux exit nodes, subnet routers, and app connectors in tailnets where ACLs allow "src": "*", such as with default ACLs.

Discovery 2024-05-08
Entry 2024-05-09
tailscale

< 1.66.0

https://tailscale.com/security-bulletins#ts-2024-005