onionshare-cli
PyPI11 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting onionshare-clipage 1 of 1
- CVE-2021-41867MEDIUMCVSS 5.3EG 5.3✓ Fixed in 2.42021-10-04
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
- CVE-2021-41868CRITICALCVSS 9.8EG 9.8✓ Fixed in 2.42021-10-04
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.
- CVE-2022-21688HIGHCVSS 7.5EG 7.5✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service…
- CVE-2022-21689HIGHCVSS 7.5EG 7.5✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks …
- CVE-2022-21690HIGHCVSS 8.7EG 8.7✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions The path parameter of the requested URL is not sanitized before being pa…
- CVE-2022-21691MEDIUMCVSS 4.3EG 4.3✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions chat participants can spoof their channel leave message, tricking others…
- CVE-2022-21692MEDIUMCVSS 4.3EG 4.3✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat environment can write messages disguised …
- CVE-2022-21693MEDIUMCVSS 6.3EG 6.3✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive that allows for filesystem access from the…
- CVE-2022-21694LOWCVSS 3.7EG 3.7✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. The website mode of the onionshare allows to use a hardened CSP, which will block any scripts…
- CVE-2022-21695MEDIUMCVSS 4.3EG 4.3✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send message…
- CVE-2022-21696MEDIUMCVSS 4.3EG 4.3✓ Fixed in 2.52022-01-18
vulnerable: 2.3, 2.3.1, 2.3.2, 2.3.3
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions it is possible to change the username to that of another chat participan…
Check whether onionshare-cli is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for onionshare-cli CVEs against the assets you own.
Start Free Scan →