CVSS Vector (NVD)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Blast Radius
Ecosystem impact: 34 PyPI packages depend on python-liquid (22 direct, 12 indirect).
Ecosystem-wide dependent count for version 2.2.0.
Description (NVD)
Impact
The built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and render arbitrary files via the {% include %} and {% render %} tags. Targeted files would need to contain valid Liquid markup and be readable by the application process.
Patches
The issue is fixed in version 2.2.0 with the inclusion of a template_path.is_absolute() condition in liquid/builtin/loaders/file_system_loader.py:

    if os.path.pardir in template_path.parts or template_path.is_absolute():
        raise TemplateNotFoundError(template_name)

Workarounds
Create a custom template loader by inheriting from FileSystemLoader and overriding resolve_path(). Use an instance of the custom loader as the loader argument when instantiating your Liquid environment.
    import os
    from pathlib import Path
    from liquid import Environment
    from liquid import FileSystemLoader
    from liquid.exceptions import TemplateNotFoundError

    class MyFileSystemLoader(FileSystemLoader):
        def resolve_path(self, template_name: str) -> Path:
            template_path = Path(template_name)
            # Apply the loader's default extension only to names without one.
            if self.ext and not template_path.suffix:
                template_path = template_path.with_suffix(self.ext)
            # Reject both ".." segments and absolute names before joining, since
            # Path.joinpath() discards the search path when its argument is absolute.
            if os.path.pardir in template_path.parts or template_path.is_absolute():
                raise TemplateNotFoundError(template_name)
            for path in self.search_path:
                source_path = path.joinpath(template_path)
                if not source_path.exists():
                    continue
                return source_path
            raise TemplateNotFoundError(template_name)

    env = Environment(loader=MyFileSystemLoader("path/to/templates/"))

Analysis (AI)
Absolute-path traversal through the {% include %} and {% render %} Liquid tags. The built-in FileSystemLoader and CachingFileSystemLoader did not reject absolute template names, and pathlib's joinpath() drops the left-hand search path whenever the right-hand operand is absolute, so the lookup escaped the configured search path entirely rather than landing on a non-existent file inside it. No public exploit was identified at the time of analysis, but the vendor advisory (GHSA-8p4x-wr7x-3788) publicly documents the bypass mechanism. Two practical caveats for triage: the "valid Liquid markup" precondition in the description is weak, because a file containing no Liquid tags at all parses as a literal template and renders verbatim, so plain configuration files and secrets are readable whenever the application process can open them; and the loader's default extension is only appended to names that have no suffix, so any target that already carries an extension is looked up exactly as given.
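To make the root cause and the fix concrete, the following is an added example (not code from python-liquid or from the advisory) that re-implements the loader's path resolution in plain Python, once as it behaved before 2.2.0 and once with the is_absolute() check from the patch. It assumes the loader's usual default extension of ".liquid" and Python 3.9 or later (for Path.is_relative_to). The search tree, the out-of-tree "secret.cfg" and the symlink are constructed inside a temporary directory purely for the demonstration. The patched resolver also adds a post-lookup containment check, which is not part of the upstream patch but is the defence-in-depth a reviewer would ask for, since it additionally catches a symlink inside the template directory that points outside it.

```python
import os
import tempfile
from pathlib import Path


class TemplateNotFound(Exception):
    """Stand-in for liquid.exceptions.TemplateNotFoundError (constructed for this example)."""


def _normalize(template_name: str, ext: str) -> Path:
    # Same extension handling as the loader (assumed default ext ".liquid"):
    # only names without a suffix get ext appended, so "/etc/app.cfg" is looked
    # up verbatim while "/etc/passwd" would become "/etc/passwd.liquid".
    template_path = Path(template_name)
    if ext and not template_path.suffix:
        template_path = template_path.with_suffix(ext)
    return template_path


def resolve_unpatched(search_path: list, template_name: str, ext: str = ".liquid") -> Path:
    """Pre-2.2.0 behaviour: rejects '..' segments but not absolute names."""
    template_path = _normalize(template_name, ext)
    if os.path.pardir in template_path.parts:
        raise TemplateNotFound(template_name)
    for base in search_path:
        # pathlib discards `base` when `template_path` is absolute:
        # Path("templates").joinpath("/srv/secret.cfg") == Path("/srv/secret.cfg")
        candidate = base.joinpath(template_path)
        if candidate.exists():
            return candidate
    raise TemplateNotFound(template_name)


def resolve_patched(search_path: list, template_name: str, ext: str = ".liquid") -> Path:
    """2.2.0 behaviour (is_absolute() added) plus a containment check of our own."""
    template_path = _normalize(template_name, ext)
    if os.path.pardir in template_path.parts or template_path.is_absolute():
        raise TemplateNotFound(template_name)
    for base in search_path:
        candidate = base.joinpath(template_path)
        if not candidate.exists():
            continue
        # Defence in depth (not in the upstream patch): after symlink
        # resolution the file must still live under the search directory.
        if not candidate.resolve().is_relative_to(base.resolve()):
            raise TemplateNotFound(template_name)
        return candidate
    raise TemplateNotFound(template_name)


def demo() -> dict:
    """Run both resolvers over crafted template names in a throwaway tree.

    Returns {"<resolver>:<case>": "<path relative to tree root>" | "rejected"}.
    """
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        templates = root / "templates"          # the configured search path
        templates.mkdir()
        (templates / "page.liquid").write_text("Hello, {{ name }}!")
        secret = root / "secret.cfg"            # sits OUTSIDE the search path
        secret.write_text("db_password=hunter2\n")   # constructed sample content
        try:
            (templates / "link.cfg").symlink_to(secret)   # in-tree link to out-of-tree file
            results["symlink_supported"] = True
        except OSError:
            results["symlink_supported"] = False

        cases = {
            "page": "page",                 # legitimate template, ext appended
            "absolute": str(secret),        # the GHSA-8p4x-wr7x-3788 vector
            "dotdot": "../secret.cfg",      # already blocked before the patch
            "symlink": "link.cfg",          # only the containment check catches this
        }
        for label, resolver in (("unpatched", resolve_unpatched), ("patched", resolve_patched)):
            for case, name in cases.items():
                try:
                    found = resolver([templates], name)
                    results[f"{label}:{case}"] = found.relative_to(root).as_posix()
                except TemplateNotFound:
                    results[f"{label}:{case}"] = "rejected"
    return results


if __name__ == "__main__":
    for key, value in sorted(demo().items()):
        print(f"{key:20} -> {value}")
```

The "unpatched:absolute" entry is the bug in one line: the loader happily returns a file that was never under its search path. Note that "dotdot" is rejected by both resolvers, which is why an attacker who already knows the absolute path of the target does not need traversal sequences at all.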
Remediation (AI)
Within 24 hours: Identify all systems running python-liquid versions before 2.2.0 that use the FileSystemLoader or CachingFileSystemLoader components, and review who can author or modify the templates those loaders serve. Within 7 days: Upgrade python-liquid to 2.2.0 or later per the vendor advisory, or deploy the resolve_path() override from the Workarounds section where the upgrade cannot be taken immediately, and verify template functionality after deployment. …
References
EUVD-2026-32907
GHSA-8p4x-wr7x-3788