CVE-2026-53951
Received Received - Intake

Copier Template Trust Bypass via Path Traversal

Vulnerability report for CVE-2026-53951, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: GitHub, Inc.

Description

Copier is a library and CLI app for rendering project templates. In versions 9.5.0 through 9.15.1, the `trust` setting's prefix match (`copier/_settings.py`) compares the template URL against a trusted prefix with a raw `str.startswith` and no path normalization, while the URL is normalized when the template is actually fetched (`Path.resolve()` for local paths; libcurl dot-segment removal for `https`). A template reference that textually starts with a trusted prefix but contains `..` is therefore granted trust yet resolves to a different, attacker-controlled template, whose `tasks` / `migrations` / `jinja_extensions` then run without the `--trust` prompt β€” arbitrary command execution. Version 9.15.2 patches the issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-08
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
copier-org copier From 9.5.0 (inc) to 9.15.1 (inc)
copier-org copier 9.15.2

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability allows arbitrary command execution by bypassing the trust-prefix mechanism in the Copier tool, which could lead to unauthorized code execution and potential compromise of systems using the tool.

Such unauthorized execution risks could impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls over data integrity, confidentiality, and system security.

If exploited, this vulnerability might lead to unauthorized access or modification of sensitive data or system configurations, thereby violating regulatory requirements for protecting personal or health information.

However, the provided information does not explicitly discuss compliance impacts or specific regulatory considerations.

Executive Summary

CVE-2026-53951 is a vulnerability in the Copier tool (versions 9.5.0 to 9.15.1) that allows an attacker to bypass the trust-prefix mechanism via path traversal, enabling arbitrary command execution without user confirmation.

The issue arises because the trust check compares the raw template URL against a trusted prefix using a simple string prefix match without path normalization, while the actual template fetching normalizes paths.

This allows a malicious URL like `https://github.com/trusted-org/../attacker-org/repo.git` to appear trusted (since it starts with the trusted prefix) but resolve to a different, attacker-controlled template.

The attacker can then execute tasks, migrations, or Jinja extensions embedded in the template without the `--trust` prompt, leading to arbitrary command execution.

Impact Analysis

This vulnerability can lead to arbitrary command execution on your system without user confirmation if an attacker can influence the template URL used by Copier.

An attacker-controlled template can run tasks, migrations, or Jinja extensions with high privileges, potentially compromising the security and integrity of your environment.

The risk is especially high in scenarios where the template URL can be manipulated, such as through a project's `.copier-answers.yml` file during a copier update operation.

Detection Guidance

This vulnerability can be detected by inspecting the template URLs used in Copier configurations or projects, especially looking for URLs that start with a trusted prefix but contain path traversal sequences like ".." which could bypass the trust check.

Since the vulnerability involves path traversal in template URLs, you can search for such patterns in your project files, for example in the .copier-answers.yml file or any configuration that specifies template URLs.

  • Use grep or similar tools to find suspicious template URLs with path traversal sequences, e.g.: grep -r "https://github.com/.*/\.\./" .
  • Check Copier versions in use to ensure they are not between 9.5.0 and 9.15.1, as these are vulnerable.

There are no specific built-in commands or network detection tools mentioned for detecting exploitation attempts of this vulnerability.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Copier to version 9.15.2 or later, where the issue has been fixed by normalizing paths before trust comparison.

Additionally, review and sanitize any template URLs used in your projects to ensure they do not contain path traversal sequences that could bypass trust checks.

Avoid using untrusted or user-influenced template URLs until the update is applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53951. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart