9001

Name of the Vulnerable Software and Affected Versions: Copyparty versions prior to 1.19.8 Description: Copyparty is a portable file server. A missing permission-check in the shares feature (`shr` global-option) allowed access to sibling files within a shared folder by guessing filenames when a share was created for only one file inside that folder. Access was limited to sibling files and did not extend to subdirectories. This issue did not affect filekeys or dirkeys. Recommendations: Update to version 1.19.8 or later.