Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/01/21 10:13 p.m.21 views

CVE-2026-23968 Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it...

6.8CVSS0.002EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.8 views

PT-2026-3872

Name of the Vulnerable Software and Affected Versions Copier versions prior to 9.11.2 Description Copier, a library and CLI app for rendering project templates, allows a malicious template author to overwrite arbitrary files. This occurs because a safe template can write to directories outside th...

7.1CVSS5.5AI score0.00224EPSS
Exploits1References14
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.8 views

Copier security vulnerabilities

Copier is an open-source library used for rendering project templates by Copier. Versions of Copier prior to 9.11.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of symbolic links and default settings, which could lead to the inclusion of files or directories...

6.8CVSS5.8AI score0.002EPSS
Exploits1References3
OSV
OSV
added 2019/11/01 11:15 p.m.7 views

AZL-6326 CVE-2019-6470 affecting package bind for versions less than 9.16.15-3

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All...

7.5CVSS6.7AI score0.08813EPSS
Exploits1References1
OSV
OSV
added 2019/11/01 11:15 p.m.4 views

ALPINE-CVE-2019-6470

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All...

7.5CVSS6.9AI score0.08813EPSS
Exploits1References1
Rows per page
Query Builder