CVE-2026-34730 | copier-org copier up to 9.14.0 YAML File Parser _external_data path traversal (GHSA-hgjq-p8cr-gg4h)

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability labeled as critical has been found in copier-org copier up to 9.14.0. Affected by this vulnerability is the function _external_data of the component YAML File Parser. Executing a manipulation can lead to path traversal.

This vulnerability is handled as CVE-2026-34730. It is possible to launch the attack on the local host. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-34730 | copier-org copier up to 9.14.0 YAML File Parser _external_data path traversal (GHSA-hgjq-p8cr-gg4h)

Post correlati

CVE-2025-69821 | Beat XP VEGA Smartwatch RB303ATV006229 BLE denial of service

CVE-2024-55214 | dhtmlxFileExplorer 8.4.6 File Download file inclusion

CVE-2024-11073 | SourceCodester Hospital Management System 1.0 delete-account.php id improper authorization

CVE-2023-31493 | ZoneMinder up to 1.36.33 Languages Folder unrestricted upload