5 matches found
CVE-2026-23968 Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false
Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it...
PT-2026-3872
Name of the Vulnerable Software and Affected Versions Copier versions prior to 9.11.2 Description Copier, a library and CLI app for rendering project templates, allows a malicious template author to overwrite arbitrary files. This occurs because a safe template can write to directories outside th...
Copier security vulnerabilities
Copier is an open-source library used for rendering project templates by Copier. Versions of Copier prior to 9.11.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of symbolic links and default settings, which could lead to the inclusion of files or directories...
AZL-6326 CVE-2019-6470 affecting package bind for versions less than 9.16.15-3
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All...
ALPINE-CVE-2019-6470
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All...