CNNVD-202508-2032 Information
Aug 18, 2025
cve
CNNVD ID
CNNVD-202508-2032
Related CVE
- CNNVD Published: 2025-08-18
Description (Chinese)
Copier是Copier开源的一个用于渲染项目模板的库。 Copier 7.1.0至9.9.1之前版本存在路径遍历漏洞,该漏洞源于模板可写入目标路径外文件,可能导致任意文件覆盖。
Description (English)
Copier is a library of the Copier Open Source for rendering project templates. Copier 7.1.0-9.9.1 has a loophole in the path, which stems from the fact that templates can be written outside the target path file, which may result in any file being covered.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
Copier
Published
2025-08-18
Last Modified
2026-02-24
References
https://github.com/copier-org/copier/security/advisories/GHSA-p7q8-grrj-3m8w https://github.com/copier-org/copier/commit/fdbc0167cc22780b497e4db176feaf6f024757d6 https://nvd.nist.gov/vuln/detail/CVE-2025-55214
Patch
https://copier.readthedocs.io/en/stable/
Share on: