Vulnerabilities > Onionshare > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-18 | CVE-2022-21692 | Improper Authentication vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.0 |
| 2022-01-18 | CVE-2022-21694 | Incorrect Permission Assignment for Critical Resource vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 5.0 |
| 2022-01-18 | CVE-2022-21688 | Out-of-bounds Read vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.3 |
| 2022-01-18 | CVE-2022-21691 | Missing Authentication for Critical Function vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.0 |
| 2022-01-18 | CVE-2022-21693 | Path Traversal vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.0 |
| 2022-01-18 | CVE-2022-21695 | Improper Authentication vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 5.0 |
| 2022-01-18 | CVE-2022-21696 | Improper Input Validation vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.0 |
| 2021-10-04 | CVE-2021-41867 | Unspecified vulnerability in Onionshare An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature. | 5.0 |
| 2018-12-07 | CVE-2018-19960 | Improper Input Validation vulnerability in Onionshare The debug_mode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshare_server.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname. | 4.4 |