Описание
OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| onionshare | fixed | 2.5-1 | package | |
| onionshare | ignored | bullseye | package | |
| onionshare | not-affected | buster | package |
Примечания
https://github.com/onionshare/onionshare/issues/1396
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 4 лет назад
OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.
CVSS3: 9.8
nvd
больше 4 лет назад
OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.
CVSS3: 9.8
github
около 4 лет назад
Remote unauthenticated attackers able to upload files in Onionshare