EPSS
Percentile
30.8%
onionshare_cli is vulnerable to path traversal. The vulnerability exists in the common.py as it does not properly validate the access permissions, which allows an attacker to access sensitive information in the user’s home folder.
common.py
github.com/onionshare/onionshare/commit/c3eeaefb9f1f67afc81c75068e6e7216d9fe8bfb
github.com/onionshare/onionshare/pull/1449
github.com/onionshare/onionshare/releases/tag/v2.5
github.com/onionshare/onionshare/security/advisories/GHSA-jgm9-xpfj-4fq6