Lucene search
GoogleOSV:GHSA-PWJQ-6WRH-5W8QHistoryMay 14, 2022 - 1:36 a.m.
OnionShare Predictable Pathname
2022-05-1401:36:38
Google
osv.dev
7
onionshare
predictable pathname
debug mode
vulnerability
file overwrite
sensitive information
local users
software
EPSS
0
Percentile
5.1%
The debug_mode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshare_server.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname.
Related
ubuntucve
ubuntucve
CVE-2018-19960
2018-12-07 00:00:00
osv
osv
CVE-2018-19960
2018-12-07 16:29:00
python-onionshare-2.3.3-2.5 on GA media
2024-06-15 00:00:00
python3-onionshare-2.6-4.1 on GA media
2024-06-15 00:00:00
github
github
Withdrawn Advisory: OnionShare Predictable Pathname
2022-05-14 01:36:38
prion
prion
Design/Logic Flaw
2018-12-07 16:29:00
cvelist
cvelist
CVE-2018-19960
2018-12-07 16:00:00
nvd
nvd
CVE-2018-19960
2018-12-07 16:29:00
redhatcve
redhatcve
CVE-2018-19960
2022-05-20 22:42:58
debiancve
debiancve
CVE-2018-19960
2018-12-07 16:29:00
cve
cve
CVE-2018-19960
2018-12-07 16:29:00