Lucene search

8 matches found

EUVD
added 2026/05/11 5:32 p.m. | 6 views

EUVD-2026-29165

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

CVSS 4.6 | AI score 5.9 | EPSS 0.0003
Exploits: 1 | References: 2
EUVD
added 2026/01/21 10:19 p.m. | 2 views

EUVD-2026-4141

Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true...

CVSS 6.9 | AI score 5.6 | EPSS 0.00085
Exploits: 1 | References: 5
Github Security Blog
added 2026/01/21 10:19 p.m. | 9 views

Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true

Impact Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write to arbitrary directories outside the...

CVSS 7.1 | AI score 5.8 | EPSS 0.00085
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2026/01/21 10:8 p.m. | 1 views

GHSA-XJHM-GP88-8PFX Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

Impact Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently include arbitrary files/directories outsid...

CVSS 6.8 | AI score 6 | EPSS 0.00049
Exploits: 1 | References: 4
EUVD
added 2026/01/21 10:8 p.m. | 2 views

EUVD-2026-4142

Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false...

CVSS 6.8 | AI score 5.6 | EPSS 0.00049
Exploits: 1 | References: 4
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-25131

Malicious code in bioql PyPI...

CVSS 6.9 | AI score 6.3 | EPSS 0.00068
Exploits: 0 | References: 3
Vulnrichment
added 2025/08/18 4:21 p.m. | 2 views

CVE-2025-55201 Copier safe template has arbitrary filesystem read/write access

Copier library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t...

CVSS 8.5 | AI score 7.2 | EPSS 0.00058
Exploits: 0 | References: 2
Cvelist
added 2025/08/18 4:21 p.m. | 7 views

CVE-2025-55201 Copier safe template has arbitrary filesystem read/write access

Copier library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t...

CVSS 8.5 | EPSS 0.00058
Exploits: 0 | References: 2