CNNVD-202508-2030 Information

CNNVD ID

CNNVD-202508-2030

Related CVE

CVE-2025-55201

• CNNVD Published: 2025-08-18

Description (Chinese)

Copier是Copier开源的一个用于渲染项目模板的库。 Copier 9.9.1之前版本存在路径遍历漏洞，该漏洞源于模板可读写任意文件，可能导致文件系统访问绕过。

Description (English)

Copier is a library of the Copier Open Source for rendering project templates. The previous version of Copier 9.9.1 had a loophole in the path, which stemmed from the fact that the template could read and write any file, which could lead to system access bypassing.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

Copier

Published

2025-08-18

Last Modified

2026-02-24

References

https://github.com/copier-org/copier/commit/3feea3b3ff3c20d80cbb16a2f3b9567ffc5606d1 https://github.com/copier-org/copier/security/advisories/GHSA-3xw7-v6cj-5q8h https://nvd.nist.gov/vuln/detail/CVE-2025-55201

Patch

https://copier.readthedocs.io/en/stable/