PT-2026-39696 · Pypi · Python-Liquid
Published
2026-05-11
·
Updated
2026-05-11
·
CVE-2026-45017
CVSS v4.0
8.2
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Impact
The built-in
FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and render arbitrary files via the {% include %} and {% render %} tags. Targeted files would need to contain valid Liquid markup and be readable by the application process.Patches
The issue is fixed in version 2.2.0 with the inclusion of a
template path.is absolute() condition in liquid/builtin/loaders/file system loader.py. if os.path.pardir in template path.parts or template path.is absolute():
raise TemplateNotFoundError(template name)Workarounds
Create a custom template loader by inheriting from
FileSystemLoader and overriding resolve path(). Use an instance of the custom loader as the loader argument when instantiating your Liquid environment.import os
from pathlib import Path
from liquid import Environment
from liquid import FileSystemLoader
from liquid.exceptions import TemplateNotFoundError
class MyFileSystemLoader(FileSystemLoader):
def resolve path(self, template name: str) -> Path:
template path = Path(template name)
if self.ext and not template path.suffix:
template path = template path.with suffix(self.ext)
if os.path.pardir in template path.parts or template path.is absolute():
raise TemplateNotFoundError(template name)
for path in self.search path:
source path = path.joinpath(template path)
if not source path.exists():
continue
return source path
raise TemplateNotFoundError(template name)
env = Environment(loader=MyFileSystemLoader("path/to/templates/"))Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Python-Liquid