CVE-2026-45017: python-liquid: Absolute paths escape filesystem loader search path

May 11, 2026

The built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and render arbitrary files via the {% include %} and {% render %} tags. Targeted files would need to contain valid Liquid markup and be readable by the application process.

References

github.com/advisories/GHSA-8p4x-wr7x-3788
github.com/jg-rp/liquid
github.com/jg-rp/liquid/security/advisories/GHSA-8p4x-wr7x-3788
nvd.nist.gov/vuln/detail/CVE-2026-45017

Code Behaviors & Features

Detect and mitigate CVE-2026-45017 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →