Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.
References
Configurations
History
07 Nov 2023, 02:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-07-06 16:29
Updated : 2024-02-28 16:04
NVD link : CVE-2016-4000
Mitre link : CVE-2016-4000
CVE.ORG link : CVE-2016-4000
JSON object : View
Products Affected
debian
- debian_linux
jython_project
- jython
CWE
CWE-502
Deserialization of Untrusted Data