Description

Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write files outside the destination path where a project shall be generated or updated. This is possible when rendering a generated directory structure whose rendered path is either a relative parent path or an absolute path. Constructing such paths is possible using Copier's builtin pathjoin Jinja filter and its builtin _copier_conf.sep variable, which is the platform-native path separator. This way, a malicious template author can create a template that overwrites arbitrary files (according to the user's write permissions), e.g., to cause havoc. This vulnerability is fixed in 9.9.1.

INFO

Published Date :

2025-08-18T16:36:46.621Z

Last Modified :

2025-08-18T19:47:31.803Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-55214 vulnerability.

Vendors Products
Copier-org
  • Copier
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-55214.

URL Resource
https://github.com/copier-org/copier/commit/fdbc0167cc22780b497e4db176feaf6f024757d6 cve-icon cve-icon
https://github.com/copier-org/copier/security/advisories/GHSA-p7q8-grrj-3m8w cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability