The following list contains advisories for security issues in tinc in old versions:
- [CVE-2018-16758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16758):
- Tinc 1.0.34 and earlier allow a [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)
+ Michael Yonli discovered that tinc 1.0.34 and earlier allow a [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)
that, even if the MITM cannot decrypt the traffic sent between the two
endpoints, when the MITM can correctly predict when an ephemeral key exchange
message is sent in a TCP connection between two nodes, allows the MITM to
The tinc 1.1pre versions are not affected by this.
- [CVE-2018-16738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16738):
- Tinc versions 1.0.30 to 1.0.34 allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack),
+ Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34 allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack),
similar to CVE-2018-16737, but due to the mitigations put in place for the Sweet32
attack in tinc 1.0.30, it now requires a [timing attack](https://en.wikipedia.org/wiki/Timing_attack)
that has only a limited time to complete.
VPN that still use the legacy protocol from tinc version 1.0.x.
- [CVE-2018-16737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16737):
- Tinc 1.0.29 and earlier allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack)
+ Michael Yonly discovered that tinc 1.0.29 and earlier allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack)
that could allow a remote attacker to establish one-way communication with a
tinc node, allowing it to send fake control messages and inject packets into
the VPN. The attack takes only a few seconds to complete.