CVE-2025-55214

Name of the Vulnerable Software and Affected Versions: Copier versions 7.1.0 through 9.9.0

Description: Copier, a library and CLI application for rendering project templates, allows for the potential to write files outside the intended destination path when rendering a generated directory structure using relative parent paths or absolute paths. This is possible through the use of the pathjoin Jinja filter and the copier conf.sep variable, enabling a malicious template author to overwrite arbitrary files based on the user's write permissions.

Recommendations: Update to Copier version 9.9.1 or later.