vulnerability

Debian: CVE-2022-21693: onionshare -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Jan 18, 2022	Jul 30, 2024	Aug 15, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Jan 18, 2022

Added

Jul 30, 2024

Modified

Aug 15, 2025

Description

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive that allows for filesystem access from the context of the Onionshare process can access sensitive files in the entire user home folder. This could lead to the leaking of sensitive data. Due to the automatic exclusion of hidden folders, the impact is reduced. This can be mitigated by usage of the flatpak release.

Solution

debian-upgrade-onionshare

References

CVE-2022-21693
https://attackerkb.com/topics/CVE-2022-21693
CWE-22

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today