Описание
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| onionshare | fixed | 2.5-1 | package | |
| onionshare | not-affected | bullseye | package | |
| onionshare | not-affected | buster | package |
EPSS
Процентиль: 64%
0.00477
Низкий
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 4 лет назад
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
CVSS3: 5.3
nvd
больше 4 лет назад
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
EPSS
Процентиль: 64%
0.00477
Низкий