This page lists publicly disclosed CVE vulnerabilities affecting google tunnelblick (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-4677 | Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value. | [email protected] | 4.4 | 0.04% | 2012-08-26 | 2026-04-29 |
| CVE-2012-4676 | The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485. | [email protected] | 1.2 | 0.04% | 2012-08-26 | 2026-04-29 |
| CVE-2012-3487 | Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process. | [email protected] | 1.2 | 0.04% | 2012-08-26 | 2026-04-29 |
| CVE-2012-3486 | Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event. | [email protected] | 6.9 | 0.04% | 2012-08-26 | 2026-04-29 |
| CVE-2012-3485 | Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call. | [email protected] | 7.2 | 27.76% | 2012-08-26 | 2026-04-29 |
| CVE-2012-3484 | Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access restrictions and gain privileges via a (1) user-mountable image or (2) network share. | [email protected] | 7.2 | 0.04% | 2012-08-26 | 2026-04-29 |
| CVE-2012-3483 | Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file. | [email protected] | 6.2 | 0.62% | 2012-08-26 | 2026-04-29 |