Vulnerabilities > Pocoo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-20 | CVE-2021-42771 | Path Traversal vulnerability in multiple products Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. | 7.2 |
2019-02-15 | CVE-2019-8341 | Code Injection vulnerability in multiple products An issue was discovered in Jinja2 2.10. | 9.8 |
2014-05-19 | CVE-2014-1402 | Permissions, Privileges, and Access Controls vulnerability in Pocoo Jinja2 The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp. | 4.4 |