Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled (which is the default), an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H9001 Copyparty
APP9001< 1.18.9
Powiązane podatności
Cross Site Scripting vulnerability in copyparty before 1.9.2 allows a local attacker to execute arbitrary code...
Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability det...
Copyparty is a portable file server. Prior to v1.20.11., the nohtml config option, intended to prevent executi...
Copyparty is a portable file server. In versions prior to 1.20.9, an XSS allows for reflected cross-site scrip...
Copyparty is a portable file server. In versions prior to 1.19.8, there was a missing permission-check in the ...