CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
41.6%
OnionShare is an open source tool that lets you securely and anonymously
share files, host websites, and chat with friends using the Tor network.
The website mode of the onionshare allows to use a hardened CSP, which will
block any scripts and external resources. It is not possible to configure
this CSP for individual pages and therefore the security enhancement cannot
be used for websites using javascript or external resources like fonts or
images.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | onionshare | < any | UNKNOWN |
ubuntu | 20.04 | noarch | onionshare | < any | UNKNOWN |
ubuntu | 22.04 | noarch | onionshare | < any | UNKNOWN |
ubuntu | 24.04 | noarch | onionshare | < any | UNKNOWN |
ubuntu | 16.04 | noarch | onionshare | < any | UNKNOWN |
github.com/onionshare/onionshare/issues/1389
github.com/onionshare/onionshare/releases/tag/v2.5
github.com/onionshare/onionshare/security/advisories/GHSA-h29c-wcm8-883h
launchpad.net/bugs/cve/CVE-2022-21694
nvd.nist.gov/vuln/detail/CVE-2022-21694
security-tracker.debian.org/tracker/CVE-2022-21694
www.cve.org/CVERecord?id=CVE-2022-21694
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
41.6%