Lucene search
K

7 matches found

Veracode
Veracode
added 2025/08/21 6:38 a.m.6 views

Regular Expression Denial Of Service (ReDoS)

copyparty is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to allowing arbitrary RegEx inputs in the filter parameter of the "Recent Uploads" page, which allows an attacker to craft a malicious regex that deadlocks the server...

7.5CVSS7AI score0.00397EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2025/08/14 8:11 a.m.5 views

Cross-Site Scripting

Copyparty is vulnerable to reflected Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-supplied input in the filter parameter on the recent uploads page, which is reflected into a...

6.3CVSS6.4AI score0.02393EPSS
Exploits3References5Affected Software1
Snyk
Snyk
added 2025/08/02 12:45 a.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the filter parameter in the Recent Uploads page. An attacker can cause the server to become unresponsive by submitting specially crafted regular expressions. Note: This is exploitable if the Recent Uploads...

8.7CVSS7.1AI score0.00397EPSS
Exploits1References2
NVD
NVD
added 2025/08/02 12:15 a.m.7 views

CVE-2025-54796

Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled which is the default, an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9...

7.5CVSS0.00397EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/08/01 11:38 p.m.4 views

CVE-2025-54796 Copyparty is vulnerable to Regex Denial of Service (ReDoS) attacks through "Recent Uploads" page

Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled which is the default, an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9...

7.5CVSS7AI score0.00397EPSS
Exploits1References3
CVE
CVE
added 2025/08/01 11:38 p.m.24 views

CVE-2025-54796

CVE-2025-54796 concerns Copyparty, a portable file server. The vulnerability affects versions prior to 1.18.9 where the filter parameter on the "Recent Uploads" page accepts arbitrary RegExes. When this feature is enabled (the default), an attacker can craft a regex-based filter that deadlocks th...

7.5CVSS7AI score0.00397EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/08/01 11:38 p.m.20 views

CVE-2025-54796 Copyparty is vulnerable to Regex Denial of Service (ReDoS) attacks through "Recent Uploads" page

Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled which is the default, an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9...

7.5CVSS0.00397EPSS
Exploits1References3
Rows per page
Query Builder