Update python-onionshare to 2.5 or later (currently shipped 2.2 is vulnerable). If not possible, drop it from Leap
Login to comment on this ticket.