UBUNTU-CVE-2026-54707

Source
https://ubuntu.com/security/CVE-2026-54707
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-54707
Upstream
  • CVE-2026-54707
Published
2026-07-14T00:00:00Z
Modified
2026-07-14T11:00:12.777598736Z
Severity
  • Ubuntu - medium
Summary
[none]
Details

[OnionShare Receive mode writes uploaded files even when file uploads are disabled]

References

Affected packages

Ubuntu:24.04:LTS
onionshare

Package

Name
onionshare
Purl
pkg:deb/ubuntu/onionshare?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.6-5
2.6-6ubuntu1
2.6-6ubuntu1.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "onionshare",
            "binary_version": "2.6-6ubuntu1.1"
        },
        {
            "binary_name": "onionshare-cli",
            "binary_version": "2.6-6ubuntu1.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json"
Ubuntu:26.04:LTS
onionshare

Package

Name
onionshare
Purl
pkg:deb/ubuntu/onionshare?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.6.3-1
2.6.3-1build1
2.6.3-3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "onionshare",
            "binary_version": "2.6.3-3"
        },
        {
            "binary_name": "onionshare-cli",
            "binary_version": "2.6.3-3"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json"
Ubuntu:Pro:16.04:LTS
onionshare

Package

Name
onionshare
Purl
pkg:deb/ubuntu/onionshare?arch=source&distro=esm-apps%2Fxenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.7-1
0.7.1-1
0.8.1-1
0.8.1-1ubuntu0.1~esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "onionshare",
            "binary_version": "0.8.1-1ubuntu0.1~esm1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json"
Ubuntu:Pro:18.04:LTS
onionshare

Package

Name
onionshare
Purl
pkg:deb/ubuntu/onionshare?arch=source&distro=esm-apps%2Fbionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.2-1
0.9.2-1ubuntu0.1~esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "onionshare",
            "binary_version": "0.9.2-1ubuntu0.1~esm1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json"
Ubuntu:Pro:20.04:LTS
onionshare

Package

Name
onionshare
Purl
pkg:deb/ubuntu/onionshare?arch=source&distro=esm-apps%2Ffocal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.1-1
2.2-1
2.2-1ubuntu0.1~esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "onionshare",
            "binary_version": "2.2-1ubuntu0.1~esm1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json"
Ubuntu:Pro:22.04:LTS
onionshare

Package

Name
onionshare
Purl
pkg:deb/ubuntu/onionshare?arch=source&distro=esm-apps%2Fjammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.2-3
2.2-3ubuntu0.1~esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "onionshare",
            "binary_version": "2.2-3ubuntu0.1~esm1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-54707.json"