RSS   Podatności dla 'Jython'   RSS

2017-07-06
 
CVE-2016-4000

CWE-502
 
 
Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.

 
2015-02-13
 
CVE-2013-2027

CWE-264
 
 
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

 

Copyright 2024, cxsecurity.com

 

Back to Top