Moderate severityNVD Advisory· Published Feb 13, 2015· Updated Jun 16, 2026

CVE-2013-2027

Description

Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.python:jython-standaloneMaven	< 2.7.2b3	2.7.2b3

Affected products

Jython Project/Jython
cpe:2.3:a:jython_project:jython:2.2.1:*:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
ghsa-coords
pkg:maven/org.python/jython-standalone
Range: < 2.7.2b3

Patches

Vulnerability mechanics

References

advisories.mageia.org/MGASA-2015-0096.htmlnvdThird Party AdvisoryWEB
lists.opensuse.org/opensuse-updates/2015-02/msg00055.htmlnvdThird Party AdvisoryWEB
github.com/advisories/GHSA-9347-9w64-q5wpghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2013-2027ghsaADVISORY
www.mandriva.com/security/advisoriesnvdBroken LinkWEB
www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlnvdWEB
bugzilla.redhat.com/show_bug.cginvdIssue TrackingWEB
github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWSghsaWEB
github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1ghsaWEB
jython/frozen-mirrorghsaPACKAGE

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000