16 Total advisories
16 Vulnerabilities
0 Malware

Vulnerabilities

LOW 3.7
PyPI

CVE-2026-32109

Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

UNKNOWN
PyPI

CVE-2026-32108

Copyparty ftp/sftp: Sharing a single file did not fully restrict source-folder access

MEDIUM 4.4
PyPI

CVE-2026-32109

CVE-2026-32109

MEDIUM 6.5
PyPI

CVE-2026-32108

CVE-2026-32108

MEDIUM 4.6
PyPI

CVE-2026-30974

copyparty: volflag `nohtml` did not block javascript in svg files

MEDIUM 5.4
PyPI

CVE-2026-27948

Copyparty vulnerable to reflected XSS via setck parameter

UNKNOWN
PyPI

CVE-2025-58753

copyparty: Sharing a single file does not fully restrict access to other files in source folder

MEDIUM 6.3
PyPI

CVE-2023-38501

copyparty vulnerable to reflected cross-site scripting via k304 parameter

HIGH 7.5
PyPI

CVE-2025-54796

copyparty allows Regex Denial of Service (ReDoS) in the upload listing

MEDIUM 6.3
PyPI

CVE-2025-54589

copyparty Reflected XSS via Filter Parameter

MEDIUM 5.4
PyPI

CVE-2025-54423

copyparty has DOM-Based XSS vulnerability when displaying multimedia metadata

LOW 3.6
PyPI

CVE-2025-27145

copyparty renders unsanitized filenames as HTML when user uploads empty files

HIGH 7.5
PyPI

CVE-2023-37474

copyparty vulnerable to path traversal attack

MEDIUM 6.3
PyPI

GHSA-cw7j-v52w-fp5r

copyparty vulnerable to reflected cross-site scripting via hc parameter

MEDIUM 6.1
PyPI

CVE-2023-38501

CVE-2023-38501

UNKNOWN
PyPI

CVE-2023-37474

CVE-2023-37474
