Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.python/jython-standalone@2.7.0
Typemaven
Namespaceorg.python
Namejython-standalone
Version2.7.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.2b3
Latest_non_vulnerable_version2.7.2b3
Affected_by_vulnerabilities
0
url VCID-eer2-83dz-ryea
vulnerability_id VCID-eer2-83dz-ryea
summary 
Jython Improper Access Restrictions vulnerability
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0096.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2015-0096.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2027.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2027.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2027
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05705
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05717
published_at 2026-04-04T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0571
published_at 2026-04-07T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.0575
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05776
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05753
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05746
published_at 2026-04-12T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05741
published_at 2026-04-13T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05696
published_at 2026-04-16T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05642
published_at 2026-04-01T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05676
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2027
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=947949
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=947949
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2027
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2027
6
reference_url https://github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWS#L25C8-L25C15
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWS#L25C8-L25C15
7
reference_url https://github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1
8
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:158
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:158
9
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777079
reference_id 777079
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777079
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2027
reference_id CVE-2013-2027
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2027
12
reference_url https://github.com/advisories/GHSA-9347-9w64-q5wp
reference_id GHSA-9347-9w64-q5wp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9347-9w64-q5wp
fixed_packages
0
url pkg:maven/org.python/jython-standalone@2.7.2b3
purl pkg:maven/org.python/jython-standalone@2.7.2b3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.python/jython-standalone@2.7.2b3
aliases CVE-2013-2027, GHSA-9347-9w64-q5wp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eer2-83dz-ryea
1
url VCID-vkq3-8asa-77aj
vulnerability_id VCID-vkq3-8asa-77aj
summary Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.
references
0
reference_url http://bugs.jython.org/issue2454
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://bugs.jython.org/issue2454
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4000.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4000.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4000
reference_id
reference_type
scores
0
value 0.12492
scoring_system epss
scoring_elements 0.93923
published_at 2026-04-12T12:55:00Z
1
value 0.12492
scoring_system epss
scoring_elements 0.93922
published_at 2026-04-13T12:55:00Z
2
value 0.12492
scoring_system epss
scoring_elements 0.93919
published_at 2026-04-09T12:55:00Z
3
value 0.12492
scoring_system epss
scoring_elements 0.93915
published_at 2026-04-08T12:55:00Z
4
value 0.12492
scoring_system epss
scoring_elements 0.93906
published_at 2026-04-07T12:55:00Z
5
value 0.12492
scoring_system epss
scoring_elements 0.93903
published_at 2026-04-04T12:55:00Z
6
value 0.12492
scoring_system epss
scoring_elements 0.93894
published_at 2026-04-02T12:55:00Z
7
value 0.12492
scoring_system epss
scoring_elements 0.93885
published_at 2026-04-01T12:55:00Z
8
value 0.12492
scoring_system epss
scoring_elements 0.93949
published_at 2026-04-18T12:55:00Z
9
value 0.12492
scoring_system epss
scoring_elements 0.93944
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4000
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864859
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864859
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000
5
reference_url https://github.com/frohoff/ysoserial/blob/master/src/main/java/ysoserial/payloads/Jython1.java
reference_id
reference_type
scores
url https://github.com/frohoff/ysoserial/blob/master/src/main/java/ysoserial/payloads/Jython1.java
6
reference_url https://github.com/jythontools/jython/commit/4c337213bd2964bb36cef2d31509b49647ca6f2a
reference_id
reference_type
scores
url https://github.com/jythontools/jython/commit/4c337213bd2964bb36cef2d31509b49647ca6f2a
7
reference_url https://hg.python.org/jython/file/v2.7.1rc1/NEWS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hg.python.org/jython/file/v2.7.1rc1/NEWS
8
reference_url https://hg.python.org/jython/rev/d06e29d100c0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://hg.python.org/jython/rev/d06e29d100c0
9
reference_url https://lists.apache.org/thread.html/0919ec1db20b1022f22b8e78f355667df74d6142b463ff17d03ad533@%3Cdevnull.infra.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/0919ec1db20b1022f22b8e78f355667df74d6142b463ff17d03ad533@%3Cdevnull.infra.apache.org%3E
10
reference_url https://security.gentoo.org/glsa/201710-28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201710-28
11
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGPYTHON-31451
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGPYTHON-31451
12
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
13
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
14
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
15
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
16
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
17
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
18
reference_url http://www.debian.org/security/2017/dsa-3893
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3893
19
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1461928
reference_id 1461928
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1461928
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4000
reference_id CVE-2016-4000
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4000
22
reference_url https://security-tracker.debian.org/tracker/CVE-2016-4000
reference_id CVE-2016-4000
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2016-4000
23
reference_url https://github.com/advisories/GHSA-6r7r-jj8h-pq6v
reference_id GHSA-6r7r-jj8h-pq6v
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6r7r-jj8h-pq6v
fixed_packages
0
url pkg:maven/org.python/jython-standalone@2.7.1b3
purl pkg:maven/org.python/jython-standalone@2.7.1b3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eer2-83dz-ryea
1
vulnerability VCID-vkq3-8asa-77aj
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.python/jython-standalone@2.7.1b3
1
url pkg:maven/org.python/jython-standalone@2.7.1
purl pkg:maven/org.python/jython-standalone@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-eer2-83dz-ryea
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.python/jython-standalone@2.7.1
aliases CVE-2016-4000, GHSA-6r7r-jj8h-pq6v
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkq3-8asa-77aj
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.python/jython-standalone@2.7.0