Vulnerabilities > Pocoo

DATE CVE VULNERABILITY TITLE RISK
2021-10-20 CVE-2021-42771 Path Traversal vulnerability in multiple products
Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
local
low complexity
pocoo debian CWE-22
7.2
2019-02-15 CVE-2019-8341 Code Injection vulnerability in multiple products
An issue was discovered in Jinja2 2.10.
network
low complexity
pocoo opensuse CWE-94
critical
9.8
2014-05-19 CVE-2014-1402 Permissions, Privileges, and Access Controls vulnerability in Pocoo Jinja2
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.
local
pocoo CWE-264
4.4