Description
https://snyk.io/vuln/SNYK-JAVA-ORGPYTHON-31451
Overview
org.python:jython-standalone Affected versions of this package are vulnerable to Arbitrary Code Execution by sending a serialized function to the deserializer, which in turn will execute the code.
References
[ CVE|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000]
Jython Bug Report
[ Fix Commit|https://hg.python.org/jython/rev/d06e29d100c0]
Attachments
Issue Links
- links to