{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T07:12:21.238","vulnerabilities":[{"cve":{"id":"CVE-2022-21696","sourceIdentifier":"security-advisories@github.com","published":"2022-01-18T20:15:07.900","lastModified":"2026-06-17T04:26:46.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions it is possible to change the username to that of another chat participant with an additional space character at the end of the name string. An adversary with access to the chat environment can use the rename feature to impersonate other participants by adding whitespace characters at the end of the username."},{"lang":"es","value":"OnionShare es una herramienta de código abierto que permite compartir archivos, alojar sitios web y chatear con amigos de forma segura y anónima usando la red Tor. En las versiones afectadas es posible cambiar el nombre de usuario por el de otro participante en el chat con un carácter de espacio adicional al final de la cadena del nombre. Un adversario con acceso al entorno del chat puede usar la funcionalidad rename para suplantar a otros participantes al añadir caracteres de espacio en blanco al final del nombre de usuario"}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"onionshare","product":"onionshare","versions":[{"version":"< 2.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-23T14:12:06.972881Z","id":"CVE-2022-21696","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:onionshare:onionshare:*:*:*:*:*:*:*:*","versionEndExcluding":"2.5","matchCriteriaId":"B3A7A46B-5812-492A-B66B-DC43A15A0A38"}]}]}],"references":[{"url":"https://github.com/onionshare/onionshare/releases/tag/v2.5","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/onionshare/onionshare/security/advisories/GHSA-68vr-8f46-vc9f","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/onionshare/onionshare/releases/tag/v2.5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/onionshare/onionshare/security/advisories/GHSA-68vr-8f46-vc9f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}