CVE-2026-23986 Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true
Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE/--trust flag. As it...
CVE-2026-23986
CVE-2026-23986 affects Copier (library and CLI). A safe template can still write outside the destination when using a symlink and _preserve_symlinks: true, enabling a malicious template to overwrite arbitrary files within the user’s write permissions. This risk exists prior to version 9.11.2 and ...
EUVD-2026-4141
Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true...
Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true
Impact: Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE/--trust flag. As it turns out, a safe template can currently write to arbitrary directories outside the...
CLSA-2025-1759864776 Fix CVE(s): CVE-2025-6020
SECURITY UPDATE: fix privilege escalation in pam_namespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020...
SUSE CVE-2007-4131
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive...
GHSA-P5PC-M4Q7-7QM9 Helm Unsafe Link Following
In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via...
SUSE SLES15 Security Update : permissions (SUSE-SU-2020:1163-1)
This update for permissions fixes the following issues: Security issue fixed: CVE-2020-8013: Fixed a local privilege escalation with mrsh and wodim (bsc#1163922). Non-security issues fixed: Fixed regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594). Fixed capability...
SUSE-RU-2020:0603-1 Recommended update for permissions
This update for permissions fixes the following issues: - CVE-2020-8013: Fixed an improper check which could have allowed the setting of unintended setuid bits (bsc#1163922). - Fixed handling of relative directory symlinks in chkstat. - Whitelisted postgres sticky directories (bsc#1123886). - Fixed...
CVE-2007-4134
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive...
DEBIAN-CVE-2007-4131
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive...
CVE-2007-4131
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive...