What is CVE-2025-55214?

CVE-2025-55214 is a vulnerability in Copier-org Copier, classified under Path Traversal. Published 2025-08-18.

Is CVE-2025-55214 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Copier-org Copier

CVE-2025-55214

Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.001 (21.0th percentile) — read the EPSS interpretation.

Affected products

Copier-org Copier — versions >= 7.1.0, < 9.9.1

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

https://github.com/copier-org/copier/security/advisories/GHSA-p7q8-grrj-3m8w (x_refsource_CONFIRM)
https://github.com/copier-org/copier/commit/fdbc0167cc22780b497e4db176feaf6f024757d6 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-55214?: CVE-2025-55214 is a vulnerability in Copier-org Copier, classified under Path Traversal. Published 2025-08-18.
Is CVE-2025-55214 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.