Description
Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently include arbitrary files/directories outside the local template clone location by using symlinks along with `_preserve_symlinks: false` (which is Copier's default setting). Version 9.11.2 patches the issue.
Published: 2026-01-21
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Immediate Patch
AI Analysis

Impact

The flaw in the Copier tool stems from its default `_preserve_symlinks` setting of `false`. When rendering a so‑called safe template, the tool follows symbolic links inside the template even when they point outside the clone directory, copying the link target's contents into the generated project. This path-resolution bug lets an attacker who controls the template read any file the rendering process can access, a confidentiality breach. The weakness is classified as CWE‑61 (symbolic link following), a path-traversal class issue.

Affected Systems

The issue affects all released versions of the Copier CLI and library from copier‑org prior to 9.11.2. Version 9.11.2 includes a fix that stops symlinks from reaching outside the template directory.

Risk and Exploitability

The CVSS score of 6.8 indicates medium severity, and the EPSS score of less than 1% signals a very low likelihood of exploitation. The vulnerability is not listed in CISA KEV. Based on the description, it is inferred that exploitation requires an attacker who can supply a malicious template or otherwise control the template rendering process locally. No publicly known remote attack surface exists unless Copier is run as part of a network‑exposed service. Consequently, the risk is a local information‑disclosure scenario with limited exploitation probability.

Generated by OpenCVE AI on April 18, 2026 at 15:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Copier version 9.11.2 or newer, which prevents symlink resolution outside the template directory.
  • If an upgrade cannot be performed immediately, set _preserve_symlinks to true when rendering templates; this disables unsafe symlink resolution.
  • Validate any template repository before use, ensuring no symbolic links point to paths outside the template directory.
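The third action, checking a template clone for symlinks that leave the template directory, can be automated before the template is ever rendered. The following script is an added example written for this page; it is not Copier's code and not part of OpenCVE. The function name `find_escaping_symlinks` and the fixture built in `demo()` (a throwaway template with one in-tree link and one link that escapes to a constructed `secret.txt`) are assumptions for illustration. It resolves each symlink's full chain and reports any whose final target is outside the template root, without recursing into symlinked directories:

```python
"""Pre-use check for a Copier template clone: flag symlinks that resolve
outside the template root. Added example for this page; not Copier's code."""
import os
import tempfile
from pathlib import Path


def find_escaping_symlinks(template_root):
    """Return (link_path, resolved_target) for every symlink under
    template_root whose final resolved target lies outside template_root.
    Walks with followlinks=False so a symlinked directory is reported once
    rather than recursed into."""
    root = Path(template_root).resolve()
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        # os.walk lists symlinks to directories under dirnames, so check both.
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            if not path.is_symlink():
                continue
            # resolve() follows the whole chain of links; strict=False so a
            # dangling link still yields a path we can compare against root.
            target = path.resolve(strict=False)
            try:
                target.relative_to(root)
            except ValueError:
                findings.append((path.relative_to(root).as_posix(), str(target)))
    return findings


def demo():
    """Build a throwaway template (constructed fixture) with one in-tree
    symlink and one that escapes, and return the check's findings for it."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        # Stands in for a sensitive file outside the template clone.
        outside = tmp / "secret.txt"
        outside.write_text("not part of the template\n")
        tpl = tmp / "template"
        (tpl / "sub").mkdir(parents=True)
        (tpl / "README.md.jinja").write_text("# {{ project_name }}\n")
        (tpl / "sub" / "ok.txt").write_text("fine\n")
        # Absolute link that stays inside the template: should not be reported.
        os.symlink(tpl / "sub" / "ok.txt", tpl / "in_tree_link")
        # Relative link climbing out of the template: should be reported.
        os.symlink("../../secret.txt", tpl / "sub" / "escaping_link")
        return find_escaping_symlinks(tpl)


if __name__ == "__main__":
    for link, target in demo():
        print(f"symlink {link!r} resolves outside the template to {target!r}")
```

Run it against a real clone with `find_escaping_symlinks("/path/to/template-clone")`; an empty list means no symlink in the tree leaves the directory. Comparing the fully resolved target against the resolved root (rather than inspecting the raw link text) is what catches relative links such as `../../secret.txt` and chains of links.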


Tracking


Advisories
Source | ID | Title
Github GHSA | GHSA-xjhm-gp88-8pfx | Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false
History

Mon, 02 Feb 2026 14:15:00 +0000

Type | Values Removed | Values Added
CPEs | (none) | cpe:2.3:a:copier-org:copier:*:*:*:*:*:python:*:*
Metrics | (none) | cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}


Fri, 23 Jan 2026 16:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Copier-org; Copier-org copier
Vendors & Products | (none) | Copier-org; Copier-org copier

Thu, 22 Jan 2026 23:00:00 +0000

Type | Values Removed | Values Added
Metrics | (none) | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 21 Jan 2026 22:30:00 +0000

Type | Values Removed | Values Added
Description | (none) | Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently include arbitrary files/directories outside the local template clone location by using symlinks along with `_preserve_symlinks: false` (which is Copier's default setting). Version 9.11.2 patches the issue.
Title | (none) | Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false
Weaknesses | (none) | CWE-61
References | (none) | (none)
Metrics | (none) | cvssV4_0 {'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Copier-org Copier
MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-22T16:49:32.054Z

Reserved: 2026-01-19T14:49:06.314Z

Link: CVE-2026-23968

Vulnrichment

Updated: 2026-01-22T15:09:29.704Z

NVD

Status : Analyzed

Published: 2026-01-21T23:15:52.637

Modified: 2026-02-02T14:11:03.307

Link: CVE-2026-23968

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T15:45:04Z

Weaknesses