Vulnerabilities > Onionshare
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-04 | CVE-2021-41868 | Unspecified vulnerability in Onionshare OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality. | 9.8 |
2018-12-07 | CVE-2018-19960 | Improper Input Validation vulnerability in Onionshare The debug_mode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshare_server.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname. | 7.0 |
2017-01-30 | CVE-2016-5026 | Improper Access Control vulnerability in Onionshare hs.py in OnionShare before 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare directory. | 5.5 |