CVE-2022-41925

Description

Tailscale daemon is vulnerable to information disclosure via CSRF in tailscale.com

Affected packages (2)

• Go/tailscale.comfrom 0, < 1.32.3
• Go/tailscale.com/cmdfrom 0, < 1.32.3

CVSS scores

References (5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-41925
• PATCHhttps://github.com/tailscale/tailscale
• WEBhttps://emily.id.au/tailscale
• WEBhttps://github.com/tailscale/tailscale/security/advisories/GHSA-qccm-wmcq-pwr6
• WEBhttps://tailscale.com/security-bulletins/#ts-2022-005