GHSA-7g47-xxff-9p85

Опубликовано: 19 нояб. 2021

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

Remote unauthenticated attackers able to upload files in Onionshare

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.

Наименование

onionshare-cli

pip

Затронутые версииВерсия исправления

>= 2.3, < 2.4

2.4

EPSS

Процентиль: 72%

0.00712

Низкий

9.8 Critical

CVSS3

CVE-2021-41868

CVSS3: 9.8

ubuntu

больше 4 лет назад

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.

CVE-2021-41868

CVSS3: 9.8

nvd

больше 4 лет назад

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality.

CVE-2021-41868

CVSS3: 9.8

debian

больше 4 лет назад

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to u ...

EPSS

Процентиль: 72%

0.00712

Низкий

9.8 Critical

CVSS3