CVE-2025-55214 is a path traversal vulnerability in the Copier library and CLI application, versions 7.1.0 up to but not including 9.9.1. Copier is a tool used to render project templates, designed to generate or update project files from predefined templates. The vulnerability arises because Copier incorrectly assumes that templates marked as safe (i.e., those not requiring the --UNSAFE or --trust flags) cannot write files outside the intended project directory. However, a malicious template author can exploit the built-in Jinja filter 'pathjoin' combined with the '_copier_conf.sep' variable (which represents the platform-native path separator) to craft directory paths that traverse outside the target directory. This allows the template to write or overwrite arbitrary files on the filesystem, limited only by the user's write permissions. Such unauthorized file writes can lead to data corruption, privilege escalation attempts, or disruption of system operations. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and has a CVSS v4.0 score of 6.9 (medium severity). Exploitation requires local access and user interaction (running Copier with a malicious template), but no authentication or elevated privileges are required to trigger the issue. The vulnerability was fixed in version 9.9.1 of Copier.

For European organizations, this vulnerability poses a moderate risk especially for development teams or automation pipelines that utilize Copier to generate project templates. If a malicious or compromised template is introduced—either from an untrusted source or via supply chain attacks—it could lead to unauthorized overwriting of critical files on developer machines or build servers. This could result in corrupted source code, compromised build artifacts, or even insertion of malicious code, potentially cascading into production environments. The impact is heightened in environments where Copier is used in automated CI/CD pipelines without strict template validation. Confidentiality impact is limited since the vulnerability primarily allows file overwrite rather than direct data exfiltration, but integrity and availability can be significantly affected. Given the medium CVSS score and the requirement for user interaction, the threat is moderate but should not be underestimated in sensitive or high-security environments.

1. Upgrade Copier to version 9.9.1 or later immediately to apply the official patch that fixes this path traversal vulnerability. 2. Implement strict validation and vetting of all templates before use, especially those sourced externally or from third parties. 3. Restrict Copier usage to trusted users and environments, minimizing exposure to untrusted templates. 4. Employ filesystem monitoring tools to detect unexpected file writes or modifications outside designated project directories during template rendering. 5. Integrate template scanning tools or static analysis to detect suspicious path traversal patterns in templates before execution. 6. Use containerized or sandboxed environments for template rendering to limit the impact of potential file overwrites. 7. Educate developers and DevOps teams about the risks of using untrusted templates and the importance of applying the --UNSAFE or --trust flags only when absolutely necessary and with caution.