Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/02 6:7 p.m.2 views

CVE-2026-34726

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when...

4.4CVSS5.8AI score0.00383EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/04/02 6:7 p.m.13 views

CVE-2026-34726

CVE-2026-34726 affects Copier (library/CLI) prior to version 9.14.1. The issue stems from the _subdirectory setting, which is documented as the template root but can accept directory traversal like .., and is used directly to compute the template root. This allows a template to escape its own dir...

4.4CVSS5.8AI score0.00383EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/02 6:7 p.m.2 views

CVE-2026-34726 Copier `_subdirectory` allows template root escape via parent-directory traversal

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when...

4.4CVSS5.8AI score0.00383EPSS
Exploits1References3
Circl
Circl
added 2026/03/31 12:7 p.m.5 views

CVE-2026-34726

creationtimestamp| type| source ---|---|--- 2026-03-31 12:07:58+00:00| published-proof-of-concept| https://github.com/copier-org/copier/security/advisories/GHSA-85v3-4m8g-hrh6...

4.4CVSS5.8AI score0.00383EPSS
Exploits1References1
Rows per page
Query Builder