CVE-2022-21691 Information
Jun 07, 2022
cve
Description
OnionShare is an open source tool that lets you securely and anonymously share files host websites and chat with friends using the Tor network. In affected versions chat participants can spoof their channel leave message tricking others into assuming they left the chatroom.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Reference
https://github.com/onionshare/onionshare/releases/tag/v2.5 https://github.com/onionshare/onionshare/security/advisories/GHSA-w9m4-7w72-r766
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
LOW
Base Score
NONE
Base Severity
4.3
Share on: