Maven package
org.python/jython-standalone
pkg:maven/org.python/jython-standalone
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4000 | Cri | 9.8 | < 2.7.1 | 2.7.1 | Jul 6, 2017 | Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object. | |
| CVE-2013-2027 | — | < 2.7.2b3 | 2.7.2b3 | Feb 13, 2015 | Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors. |
- affected < 2.7.1fixed 2.7.1
Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.
- CVE-2013-2027Feb 13, 2015affected < 2.7.2b3fixed 2.7.2b3
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.