Every CVE whose affected-product data names Pocoo Jinja2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-8341 — CVSS 9.8 (critical): An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the…
CVE-2014-0012 — CVSS 4.4 (medium): FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by…
CVE-2014-1402 — CVSS 4.4 (medium): The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows…