Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's _external_data feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local files that are accessible to the user running Copier and expose their contents in rendered output.
This issue has been patched in version 9.14.1.
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
Required
User action required
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
None
No data modification
Availability
None
No disruption
CVSS Vector v3.1
Weakness Type (CWE)
Vulnerable Products 1
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Copier-Org Copier
cpe:2.3:a:copier-org:copier:*:*:*:*:*:python:*:*
|
— |
9.14.1
|
References 3
https://github.com/copier-org/copier/commit/5413062eb17b73dc885f5e645cdc161e69e…
security-advisories@github.com
https://github.com/copier-org/copier/releases/tag/v9.14.1
security-advisories@github.com
https://github.com/copier-org/copier/security/advisories/GHSA-hgjq-p8cr-gg4h
security-advisories@github.com