Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: gnomeExtensions.copier

Found 4 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-34730
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 2 weeks, 1 day ago
Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's _external_data feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local files that are accessible to the user running Copier and expose their contents in rendered output. This issue has been patched in version 9.14.1.

Affected products

copier
  • ==< 9.14.1

Matching in nixpkgs

pkgs.copier

Library and command-line utility for rendering projects templates

pkgs.apksigcopier

Copy/extract/patch android apk signatures & compare APKs

pkgs.gnomeExtensions.copier

Copy text notes to clipboard via a panel indicator

  • nixos-unstable 8
    • nixpkgs-unstable 8
    • nixos-unstable-small 8
  • nixos-25.11 8
    • nixos-25.11-small 8
    • nixpkgs-25.11-darwin 8

Package maintainers

Untriaged
Permalink CVE-2026-34726
4.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 2 weeks, 1 day ago
Copier `_subdirectory` allows template root escape via parent-directory traversal

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's _subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when selecting the template root. As a result, a template can escape its own directory and make Copier render files from the parent directory without --UNSAFE. This issue has been patched in version 9.14.1.

Affected products

copier
  • ==< 9.14.1

Matching in nixpkgs

pkgs.copier

Library and command-line utility for rendering projects templates

pkgs.apksigcopier

Copy/extract/patch android apk signatures & compare APKs

pkgs.gnomeExtensions.copier

Copy text notes to clipboard via a panel indicator

  • nixos-unstable 8
    • nixpkgs-unstable 8
    • nixos-unstable-small 8
  • nixos-25.11 8
    • nixos-25.11-small 8
    • nixpkgs-25.11-darwin 8

Package maintainers

Untriaged
Permalink CVE-2026-23968
created 2 months, 3 weeks ago
Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently include arbitrary files/directories outside the local template clone location by using symlinks along with `_preserve_symlinks: false` (which is Copier's default setting). Version 9.11.2 patches the issue.

Affected products

copier
  • ==< 9.11.2

Matching in nixpkgs

pkgs.copier

Library and command-line utility for rendering projects templates

pkgs.apksigcopier

Copy/extract/patch android apk signatures & compare APKs

pkgs.gnomeExtensions.copier

Copy text notes to clipboard via a panel indicator

  • nixos-unstable 8
    • nixpkgs-unstable 8
    • nixos-unstable-small 8
  • nixos-25.11 8
    • nixpkgs-25.11-darwin 8

Package maintainers

Untriaged
Permalink CVE-2026-23986
created 2 months, 3 weeks ago
Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true

Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently write to arbitrary directories outside the destination path by using directory a symlink along with `_preserve_symlinks: true` and a generated directory structure whose rendered path is inside the symlinked directory. This way, a malicious template author can create a template that overwrites arbitrary files (according to the user's write permissions), e.g., to cause havoc. Version 9.11.2 patches the issue.

Affected products

copier
  • ==< 9.11.2

Matching in nixpkgs

pkgs.copier

Library and command-line utility for rendering projects templates

pkgs.apksigcopier

Copy/extract/patch android apk signatures & compare APKs

pkgs.gnomeExtensions.copier

Copy text notes to clipboard via a panel indicator

  • nixos-unstable 8
    • nixpkgs-unstable 8
    • nixos-unstable-small 8
  • nixos-25.11 8
    • nixpkgs-25.11-darwin 8

Package maintainers