CVE-2026-34730 Overview
CVE-2026-34730 is a Path Traversal vulnerability in Copier, a library and CLI application for rendering project templates. Prior to version 9.14.1, Copier's _external_data feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local files that are accessible to the user running Copier and expose their contents in rendered output.
Critical Impact
Attackers can leverage malicious templates to read sensitive YAML-parseable files from the local system, potentially exposing credentials, configuration secrets, or other sensitive data accessible to the user running Copier.
Affected Products
- Copier versions prior to 9.14.1
Discovery Timeline
- 2026-04-02 - CVE CVE-2026-34730 published to NVD
- 2026-04-02 - Last updated in NVD database
Technical Details for CVE-2026-34730
Vulnerability Analysis
This vulnerability is classified as CWE-22 (Path Traversal), which occurs when software uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but fails to properly neutralize special elements within the pathname.
The _external_data feature in Copier allows templates to specify paths for loading external YAML data files. The vulnerable code did not validate whether the specified path remained within the subproject's root directory. This meant an attacker-controlled template could specify paths using traversal sequences (e.g., ../) to access files outside the intended directory scope.
The vulnerability requires user interaction (opening or processing a malicious template), and the attack is executed locally. While the vulnerability does not allow for modification of files or denial of service, it enables unauthorized read access to sensitive information, which could include credentials stored in YAML configuration files.
Root Cause
The root cause lies in the lack of path validation in the _external_data feature. The original implementation would render and use user-supplied paths directly to load YAML files without checking whether the resolved path remained within the subproject's local path boundary. This allowed path traversal attacks where malicious templates could escape the intended directory and read arbitrary YAML-parseable files on the system.
Attack Vector
An attacker must craft a malicious Copier template that specifies crafted path values in the _external_data configuration. When a victim uses this template (either by cloning from an untrusted source or receiving it through other means), Copier would process the template and load YAML files from attacker-specified locations. The contents of these files would then be exposed in the rendered template output, allowing the attacker to exfiltrate sensitive data.
The attack scenario requires:
- A victim to use an untrusted template
- The target files to be YAML-parseable
- The files to be readable by the user running Copier
The security patch introduces proper path validation by checking if the resolved path is relative to the subproject's local path. If the path is outside this boundary and the --trust flag is not explicitly set, a ForbiddenPathError is raised:
def _load_external_data(path: str) -> Any:
if (
not (
(self.dst_path / (path := _render(path)))
.resolve()
.is_relative_to(self.subproject.local_abspath)
)
and not self.unsafe
):
raise ForbiddenPathError(
path=Path(path),
hint=(
"If you trust this path, you can override the check:\n"
" - CLI: `--trust`/`--UNSAFE`\n"
" - API: `trust=True`"
),
)
return load_answersfile_data(self.dst_path, path, warn_on_missing=True)
Source: GitHub Commit Changes
Detection Methods for CVE-2026-34730
Indicators of Compromise
- Unexpected file read operations during template rendering, particularly accessing paths outside the template directory
- Template configurations containing suspicious path traversal sequences (e.g., ../, absolute paths)
- Presence of untrusted or unknown templates in the Copier workspace
Detection Strategies
- Review template sources before use and verify they come from trusted repositories
- Monitor file access patterns during Copier operations for reads outside the expected subproject directory
- Implement file integrity monitoring on sensitive YAML configuration files
Monitoring Recommendations
- Enable verbose logging when running Copier to capture file access attempts
- Use endpoint detection tools to monitor for unusual file read patterns by Python processes
- Audit template repositories for malicious path specifications in _external_data configurations
How to Mitigate CVE-2026-34730
Immediate Actions Required
- Upgrade Copier to version 9.14.1 or later immediately
- Audit any templates from untrusted sources before use
- Review rendered output for any unexpected data exposure
- Do not use the --trust or --UNSAFE flags unless you fully trust the template source
Patch Information
The vulnerability has been patched in Copier version 9.14.1. The fix introduces path validation that ensures _external_data paths are relative to the subproject root directory. Paths outside this boundary now require explicit trust confirmation via the --trust CLI flag or trust=True API parameter.
For detailed patch information, see:
Workarounds
- Only use templates from trusted, verified sources until you can upgrade
- Run Copier in a sandboxed or containerized environment with limited filesystem access
- Remove or restrict access to sensitive YAML files that could be targeted by malicious templates
- Implement filesystem access controls to limit what files the user running Copier can read
# Upgrade Copier to the patched version
pip install --upgrade copier>=9.14.1
# Verify installed version
copier --version
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
