Executive Summary

CVE-2026-45017 is a high-severity vulnerability in the Python package python-liquid, specifically affecting versions prior to 2.2.0.

The vulnerability arises because the FileSystemLoader and CachingFileSystemLoader components do not properly restrict file access when given absolute paths.

This flaw allows malicious template authors to bypass intended filesystem boundaries and load arbitrary files using the Liquid template language's {% include %} and {% render %} tags.

However, the targeted files must contain valid Liquid markup and be readable by the application process for the exploit to succeed.

The issue is classified as a path traversal vulnerability (CWE-22) and was fixed in version 2.2.0 by adding checks against absolute paths in the loader's resolution logic.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow an attacker who can author malicious templates to read and render arbitrary files on the server.

Such unauthorized file access can lead to exposure of sensitive information contained in those files if they include valid Liquid markup and are accessible by the application.

This could result in data leakage, unauthorized disclosure of configuration files, credentials, or other critical data.

The impact depends on the files accessible and the privileges of the application process.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves the Python package python-liquid versions prior to 2.2.0, specifically in the FileSystemLoader and CachingFileSystemLoader components that allow reading files outside their intended search paths when given absolute paths.

To detect if your system is vulnerable, first check the installed version of python-liquid by running the command:

• pip show python-liquid

If the version is earlier than 2.2.0, your system is vulnerable.

Additionally, you can audit your codebase or templates for usage of the {% include %} and {% render %} tags that might be passing absolute paths to the loaders.

There are no specific network detection commands provided, as this is a local template engine vulnerability, but reviewing logs or application behavior for unexpected file reads or template rendering errors involving absolute paths may help.

Useful 0 Not Useful 0

Mitigation Strategies

The primary immediate mitigation step is to upgrade the python-liquid package to version 2.2.0 or later, where the vulnerability is fixed.

If upgrading is not immediately possible, you can implement a custom loader by overriding the resolve_path() method in FileSystemLoader or CachingFileSystemLoader to enforce stricter path validation and prevent absolute path resolution outside the intended directories.

Avoid using absolute paths in the {% include %} and {% render %} tags in your templates until the fix is applied.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in Python Liquid allows malicious template authors to read arbitrary files outside the intended search paths. This unauthorized file access could lead to exposure of sensitive data if such files contain personal or protected information.

Such exposure may impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls over access to personal and sensitive data. If an attacker exploits this vulnerability to access protected files, it could result in a breach of confidentiality obligations under these standards.

Mitigating this vulnerability by upgrading to version 2.2.0 or implementing stricter path validation is essential to maintain compliance and reduce the risk of unauthorized data disclosure.

Useful 0 Not Useful 0