—
PYSEC-2026-696
Information disclosure vulnerability in OnionShare
상세
An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
참고
- https://nvd.nist.gov/vuln/detail/CVE-2021-41867 [ADVISORY]
- https://github.com/onionshare/onionshare [PACKAGE]
- https://github.com/onionshare/onionshare/compare/v2.3.3...v2.4 [WEB]
- https://www.ihteam.net/advisory/onionshare [WEB]
- https://pypi.org/project/onionshare-cli [PACKAGE]
- https://github.com/advisories/GHSA-6rvj-pw9w-jcvc [ADVISORY]