Threat Advisory

Python Liquid Vulnerability Exposes Path Traversal

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-45017 (CVSS score 7.5) is a CWE-22 Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in the python-liquid package, affecting all versions earlier than 2.2.0. An attacker can exploit it by supplying a malicious absolute path to the built-in `FileSystemLoader` and `CachingFileSystemLoader`, which lets them load and render arbitrary files through the `{% include %}` and `{% render %}` tags, provided the targeted files contain valid Liquid markup and are readable by the application process. This gives the attacker the ability to access sensitive files and escalate privileges within the affected system. If exploited, the business impact includes unauthorized data access and potential system compromise. Prerequisites for exploitation are access to the application process and the ability to supply valid Liquid markup containing the malicious absolute path.
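The defensive control behind the fix is containment: a template name taken from `{% include %}` or `{% render %}` must resolve to a file inside the loader's configured search path, and absolute names or `..` segments that escape it must be rejected before anything is read. The following is an added illustration of that check written for this advisory; it is not python-liquid's own loader code and does not import the library, and the `resolve_template_path`, `load_template_source` and `demo` names plus the temporary directory layout are constructed for the example.

```python
import tempfile
from pathlib import Path


class TemplateNotFound(Exception):
    """Raised for any name that does not map to a file inside the search path."""


def resolve_template_path(search_root, name):
    """Map a template name to a file under search_root, refusing escapes.

    Joining a Path with an absolute name replaces the root entirely, and
    '..' segments walk upward, so neither can be trusted until the joined
    path is fully resolved (symlinks included) and checked for containment.
    """
    root = Path(search_root).resolve()
    candidate = (root / name).resolve()
    # Containment check: the search root must be a strict ancestor of the file.
    if root not in candidate.parents:
        raise TemplateNotFound(name)
    if not candidate.is_file():
        raise TemplateNotFound(name)
    return candidate


def load_template_source(search_root, name):
    """Read template source only after the name has passed containment."""
    return resolve_template_path(search_root, name).read_text()


def demo():
    """Constructed scenario: one legitimate partial inside the search path
    and one file with valid Liquid markup outside it. Returns what each
    load attempt produced so the outcome can be inspected or asserted."""
    with tempfile.TemporaryDirectory() as tmp:
        templates = Path(tmp) / "templates"
        templates.mkdir()
        (templates / "partial.liquid").write_text("Hello, {{ name }}!")
        # Sensitive file outside the search path; it is valid Liquid, which is
        # exactly the condition the advisory describes for a successful read.
        secret = Path(tmp) / "secret.liquid"
        secret.write_text("{{ api_key }}")

        results = {"relative": load_template_source(templates, "partial.liquid")}
        attempts = [("absolute", str(secret)), ("dotdot", "../secret.liquid")]
        for label, name in attempts:
            try:
                load_template_source(templates, name)
                results[label] = "loaded"
            except TemplateNotFound:
                results[label] = "rejected"
        return results


if __name__ == "__main__":
    print(demo())
```

The ordering matters: `resolve()` runs before the ancestor check so that a symlink inside the search path pointing outside it is also caught, and the existence check comes after containment so the error message never reveals whether an out-of-tree file exists. The same pattern applies to any loader that builds a filesystem path from user-influenced template names, not only python-liquid's.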

RECOMMENDATION:

  • We recommend updating python-liquid to version 2.2.0.

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-8p4x-wr7x-3788
