Описание
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
Ссылки
- PatchThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.3 (включая) до 2.4 (исключая)
cpe:2.3:a:onionshare:onionshare:*:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00477
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 4 лет назад
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
CVSS3: 5.3
debian
больше 4 лет назад
An information disclosure vulnerability in OnionShare 2.3 before 2.4 a ...
EPSS
Процентиль: 64%
0.00477
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo