Vulnerability	Vulnerable Version
M Access Restriction Bypass org.python:jython-standalone is a Python emulator written in 100% Pure Java, and seamlessly integrated with the Java platform. It thus allows you to run Python on any Java platform. Affected versions of this package are vulnerable to Access Restriction Bypass when it creates class cache files and uses the current `umask` to set the privileges of the class cache files, which makes them to be world-writeable. Exploiting this vulnerability allows local users to bypass intended access restrictions via unspecified vectors. How to fix Access Restriction Bypass? Upgrade `org.python:jython-standalone` to version 2.7.2b3 or higher.	[,2.7.2b3)
C Arbitrary Code Execution `org.python:jython-standalone` Affected versions of this package are vulnerable to Arbitrary Code Execution by sending a serialized function to the deserializer, which in turn will execute the code.	[,2.7.1b3)

Access Restriction Bypass

org.python:jython-standalone is a Python emulator written in 100% Pure Java, and seamlessly integrated with the Java platform. It thus allows you to run Python on any Java platform.

Affected versions of this package are vulnerable to Access Restriction Bypass when it creates class cache files and uses the current umask to set the privileges of the class cache files, which makes them to be world-writeable. Exploiting this vulnerability allows local users to bypass intended access restrictions via unspecified vectors.

How to fix Access Restriction Bypass?

Upgrade org.python:jython-standalone to version 2.7.2b3 or higher.

[,2.7.2b3)

Arbitrary Code Execution

org.python:jython-standalone Affected versions of this package are vulnerable to Arbitrary Code Execution by sending a serialized function to the deserializer, which in turn will execute the code.

[,2.7.1b3)

Go back to all versions of this package