{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23968", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-19T14:49:06.314Z", "datePublished": "2026-01-21T22:13:25.377Z", "dateUpdated": "2026-01-22T16:49:32.054Z"}, "containers": {"cna": {"title": "Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false", "problemTypes": [{"descriptions": [{"cweId": "CWE-61", "lang": "en", "description": "CWE-61: UNIX Symbolic Link (Symlink) Following", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/copier-org/copier/security/advisories/GHSA-xjhm-gp88-8pfx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/copier-org/copier/security/advisories/GHSA-xjhm-gp88-8pfx"}, {"name": "https://github.com/copier-org/copier/commit/b3a7b3772d17cf0e7a4481978188c9f536c8d8f6", "tags": ["x_refsource_MISC"], "url": "https://github.com/copier-org/copier/commit/b3a7b3772d17cf0e7a4481978188c9f536c8d8f6"}], "affected": [{"vendor": "copier-org", "product": "copier", "versions": [{"version": "< 9.11.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-21T22:13:25.377Z"}, "descriptions": [{"lang": "en", "value": "Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently include arbitrary files/directories outside the local template clone location by using symlinks along with `_preserve_symlinks: false` (which is Copier's default setting). Version 9.11.2 patches the issue."}], "source": {"advisory": "GHSA-xjhm-gp88-8pfx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T15:09:28.359725Z", "id": "CVE-2026-23968", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T16:49:32.054Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23968", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-22T15:09:28.359725Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T15:09:29.704Z"}}], "cna": {"title": "Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false", "source": {"advisory": "GHSA-xjhm-gp88-8pfx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "copier-org", "product": "copier", "versions": [{"status": "affected", "version": "< 9.11.2"}]}], "references": [{"url": "https://github.com/copier-org/copier/security/advisories/GHSA-xjhm-gp88-8pfx", "name": "https://github.com/copier-org/copier/security/advisories/GHSA-xjhm-gp88-8pfx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/copier-org/copier/commit/b3a7b3772d17cf0e7a4481978188c9f536c8d8f6", "name": "https://github.com/copier-org/copier/commit/b3a7b3772d17cf0e7a4481978188c9f536c8d8f6", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently include arbitrary files/directories outside the local template clone location by using symlinks along with `_preserve_symlinks: false` (which is Copier's default setting). Version 9.11.2 patches the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-61", "description": "CWE-61: UNIX Symbolic Link (Symlink) Following"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-21T22:13:25.377Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23968", "state": "PUBLISHED", "dateUpdated": "2026-01-22T16:49:32.054Z", "dateReserved": "2026-01-19T14:49:06.314Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-21T22:13:25.377Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:copier-org:copier:*:*:*:*:*:python:*:*", "matchCriteriaId": "D801CAA3-21AA-451E-AB4E-8D30E9C5345D", "versionEndExcluding": "9.11.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently include arbitrary files/directories outside the local template clone location by using symlinks along with `_preserve_symlinks: false` (which is Copier's default setting). Version 9.11.2 patches the issue."}], "id": "CVE-2026-23968", "lastModified": "2026-02-02T14:11:03.307", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-21T23:15:52.637", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/copier-org/copier/commit/b3a7b3772d17cf0e7a4481978188c9f536c8d8f6"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/copier-org/copier/security/advisories/GHSA-xjhm-gp88-8pfx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-61"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T15:31:11.956901+00:00", "value": {"mitigation_remediation": ["Upgrade to Copier version 9.11.2 or newer, which prevents symlink resolution outside the template directory.", "If an upgrade cannot be performed immediately, set _preserve_symlinks to true when rendering templates; this disables unsafe symlink resolution.", "Validate any template repository before use, ensuring no symbolic links point to paths outside the template directory."], "summary": {"action": "Immediate Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "The issue affects all released versions of the Copier CLI and library from copier\u2011org prior to 9.11.2. Version 9.11.2 includes a fix that stops symlinks from reaching outside the template directory.", "description_and_impact": "The flaw in the Copier tool stems from its default _preserve_symlinks setting of false. When rendering a so\u2011called safe template, the tool follows symbolic links inside the template even if they point outside the clone directory. This path resolution bug lets an attacker read any file the process can access, creating a confidentiality breach. The weakness is classified as CWE\u201161, an insecure path traversal issue.", "risk_and_exploitability": "The CVSS score of 6.8 indicates medium severity, and the EPSS score of less than 1% signals a very low likelihood of exploitation. The vulnerability is not listed in CISA KEV. Based on the description, it is inferred that exploitation requires an attacker who can supply a malicious template or otherwise control the template rendering process locally. No publicly known remote attack surface exists unless Copier is run as part of a network\u2011exposed service. Consequently, the risk is a local information\u2011disclosure scenario with limited exploitation probability."}}}}, "created": "2026-01-22T10:08:37.517617+00:00", "updated": "2026-04-18T15:45:04.263274+00:00", "vendors": ["copier-org", "copier-org$PRODUCT$copier"]}