Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

Type deb

Namespace debian

Name jython

Version 2.7.2+repack1-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.7.2+repack1-5

Latest_non_vulnerable_version 2.7.2+repack1-5

Affected_by_vulnerabilities

url VCID-v84j-ugn9-w3c8

vulnerability_id VCID-v84j-ugn9-w3c8

summary python: XSS vulnerability in the documentation XML-RPC server in server_title field

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16935

reference_id

reference_type

scores

value	0.02256
scoring_system	epss
scoring_elements	0.84528
published_at	2026-04-01T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84625
published_at	2026-04-18T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84614
published_at	2026-04-11T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84609
published_at	2026-04-12T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84605
published_at	2026-04-13T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84542
published_at	2026-04-02T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84564
published_at	2026-04-04T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84567
published_at	2026-04-07T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84589
published_at	2026-04-08T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84595
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16935

reference_url	https://bugs.python.org/issue38243
reference_id
reference_type
scores
url	https://bugs.python.org/issue38243

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897
reference_id
reference_type
scores
url	https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897

reference_url	https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213
reference_id
reference_type
scores
url	https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213

reference_url	https://github.com/python/cpython/pull/16373
reference_id
reference_type
scores
url	https://github.com/python/cpython/pull/16373

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/

reference_url	https://security.netapp.com/advisory/ntap-20191017-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191017-0004/

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149
reference_id	1027149
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1763229
reference_id	1763229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1763229

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16935

reference_id

CVE-2019-16935

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16935

reference_url	https://access.redhat.com/errata/RHSA-2020:1605
reference_id	RHSA-2020:1605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1605

reference_url	https://access.redhat.com/errata/RHSA-2020:3888
reference_id	RHSA-2020:3888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3888

reference_url	https://access.redhat.com/errata/RHSA-2020:3911
reference_id	RHSA-2020:3911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3911

reference_url	https://access.redhat.com/errata/RHSA-2020:4285
reference_id	RHSA-2020:4285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4285

reference_url	https://access.redhat.com/errata/RHSA-2020:4433
reference_id	RHSA-2020:4433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4433

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://usn.ubuntu.com/4151-1/
reference_id	USN-4151-1
reference_type
scores
url	https://usn.ubuntu.com/4151-1/

reference_url	https://usn.ubuntu.com/4151-2/
reference_id	USN-4151-2
reference_type
scores
url	https://usn.ubuntu.com/4151-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/jython@2.7.2%2Brepack1-5?distro=trixie
purl	pkg:deb/debian/jython@2.7.2%2Brepack1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-5%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2019-16935

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v84j-ugn9-w3c8

Fixing_vulnerabilities

url VCID-1hw3-vhwb-nkcd

vulnerability_id VCID-1hw3-vhwb-nkcd

summary Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12718

reference_id

reference_type

scores

value	0.00692
scoring_system	epss
scoring_elements	0.71871
published_at	2026-04-18T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71793
published_at	2026-04-02T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71811
published_at	2026-04-04T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71785
published_at	2026-04-07T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71824
published_at	2026-04-08T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71835
published_at	2026-04-09T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71859
published_at	2026-04-11T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71842
published_at	2026-04-12T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71825
published_at	2026-04-13T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71867
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12718

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/127987

reference_id

127987

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/issues/127987

reference_url

https://github.com/python/cpython/issues/135034

reference_id

135034

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/issues/135034

reference_url

https://github.com/python/cpython/pull/135037

reference_id

135037

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/pull/135037

reference_url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_id

19de092debb3d7e832e5672cc2f7b788d35951da

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370013
reference_id	2370013
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370013

reference_url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_id

28463dba112af719df1e8b0391c46787ad756dd9

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_id

3612d8f51741b11f36f8fb0494d79086bac9390a

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_id

4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_id

52398e33eff261329a0180ac1d54f42f

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_id

9c1110ef6652687d7c55f590f909720eddde965a

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_id

9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_id

aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_id

dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_url	https://security.gentoo.org/glsa/202506-07
reference_id	GLSA-202506-07
reference_type
scores
url	https://security.gentoo.org/glsa/202506-07

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_id

MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_url	https://access.redhat.com/errata/RHSA-2025:10026
reference_id	RHSA-2025:10026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10026

reference_url	https://access.redhat.com/errata/RHSA-2025:10028
reference_id	RHSA-2025:10028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10028

reference_url	https://access.redhat.com/errata/RHSA-2025:10031
reference_id	RHSA-2025:10031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10031

reference_url	https://access.redhat.com/errata/RHSA-2025:10128
reference_id	RHSA-2025:10128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10128

reference_url	https://access.redhat.com/errata/RHSA-2025:10136
reference_id	RHSA-2025:10136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10136

reference_url	https://access.redhat.com/errata/RHSA-2025:10140
reference_id	RHSA-2025:10140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10140

reference_url	https://access.redhat.com/errata/RHSA-2025:10148
reference_id	RHSA-2025:10148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10148

reference_url	https://access.redhat.com/errata/RHSA-2025:10189
reference_id	RHSA-2025:10189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10189

reference_url	https://access.redhat.com/errata/RHSA-2025:10399
reference_id	RHSA-2025:10399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10399

reference_url	https://access.redhat.com/errata/RHSA-2025:10484
reference_id	RHSA-2025:10484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10484

reference_url	https://access.redhat.com/errata/RHSA-2025:10602
reference_id	RHSA-2025:10602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10602

reference_url	https://access.redhat.com/errata/RHSA-2025:11386
reference_id	RHSA-2025:11386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11386

reference_url	https://access.redhat.com/errata/RHSA-2025:13267
reference_id	RHSA-2025:13267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13267

reference_url	https://access.redhat.com/errata/RHSA-2025:18219
reference_id	RHSA-2025:18219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18219

reference_url	https://access.redhat.com/errata/RHSA-2025:9918
reference_id	RHSA-2025:9918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9918

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://usn.ubuntu.com/7583-1/
reference_id	USN-7583-1
reference_type
scores
url	https://usn.ubuntu.com/7583-1/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2024-12718

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hw3-vhwb-nkcd

url VCID-4afh-28ss-mudf

vulnerability_id VCID-4afh-28ss-mudf

summary Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4138

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.50673
published_at	2026-04-02T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50756
published_at	2026-04-18T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50699
published_at	2026-04-04T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50655
published_at	2026-04-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.5071
published_at	2026-04-13T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50706
published_at	2026-04-09T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50748
published_at	2026-04-11T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50725
published_at	2026-04-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.5075
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4138

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/135034

reference_id

135034

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/issues/135034

reference_url

https://github.com/python/cpython/pull/135037

reference_id

135037

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/pull/135037

reference_url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_id

19de092debb3d7e832e5672cc2f7b788d35951da

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2372426
reference_id	2372426
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2372426

reference_url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_id

28463dba112af719df1e8b0391c46787ad756dd9

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_id

3612d8f51741b11f36f8fb0494d79086bac9390a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_id

4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_id

52398e33eff261329a0180ac1d54f42f

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_id

9c1110ef6652687d7c55f590f909720eddde965a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_id

9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_id

aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_id

dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_url	https://security.gentoo.org/glsa/202506-07
reference_id	GLSA-202506-07
reference_type
scores
url	https://security.gentoo.org/glsa/202506-07

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_id

MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_url	https://access.redhat.com/errata/RHSA-2025:10026
reference_id	RHSA-2025:10026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10026

reference_url	https://access.redhat.com/errata/RHSA-2025:10028
reference_id	RHSA-2025:10028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10028

reference_url	https://access.redhat.com/errata/RHSA-2025:10031
reference_id	RHSA-2025:10031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10031

reference_url	https://access.redhat.com/errata/RHSA-2025:10128
reference_id	RHSA-2025:10128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10128

reference_url	https://access.redhat.com/errata/RHSA-2025:10136
reference_id	RHSA-2025:10136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10136

reference_url	https://access.redhat.com/errata/RHSA-2025:10140
reference_id	RHSA-2025:10140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10140

reference_url	https://access.redhat.com/errata/RHSA-2025:10148
reference_id	RHSA-2025:10148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10148

reference_url	https://access.redhat.com/errata/RHSA-2025:10189
reference_id	RHSA-2025:10189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10189

reference_url	https://access.redhat.com/errata/RHSA-2025:10399
reference_id	RHSA-2025:10399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10399

reference_url	https://access.redhat.com/errata/RHSA-2025:10484
reference_id	RHSA-2025:10484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10484

reference_url	https://access.redhat.com/errata/RHSA-2025:10602
reference_id	RHSA-2025:10602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10602

reference_url	https://access.redhat.com/errata/RHSA-2025:11386
reference_id	RHSA-2025:11386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11386

reference_url	https://access.redhat.com/errata/RHSA-2025:13267
reference_id	RHSA-2025:13267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13267

reference_url	https://access.redhat.com/errata/RHSA-2025:18219
reference_id	RHSA-2025:18219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18219

reference_url	https://access.redhat.com/errata/RHSA-2025:23530
reference_id	RHSA-2025:23530
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23530

reference_url	https://access.redhat.com/errata/RHSA-2025:9918
reference_id	RHSA-2025:9918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9918

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://usn.ubuntu.com/7583-1/
reference_id	USN-7583-1
reference_type
scores
url	https://usn.ubuntu.com/7583-1/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2025-4138

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4afh-28ss-mudf

url VCID-757r-fs6p-qqdd

vulnerability_id VCID-757r-fs6p-qqdd

summary Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4517

reference_id

reference_type

scores

value	0.00303
scoring_system	epss
scoring_elements	0.53579
published_at	2026-04-02T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53606
published_at	2026-04-04T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53622
published_at	2026-04-09T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53625
published_at	2026-04-08T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53576
published_at	2026-04-07T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53671
published_at	2026-04-11T12:55:00Z

value	0.00403
scoring_system	epss
scoring_elements	0.60923
published_at	2026-04-18T12:55:00Z

value	0.00403
scoring_system	epss
scoring_elements	0.60895
published_at	2026-04-12T12:55:00Z

value	0.00403
scoring_system	epss
scoring_elements	0.60876
published_at	2026-04-13T12:55:00Z

value	0.00403
scoring_system	epss
scoring_elements	0.60918
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/135034

reference_id

135034

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/issues/135034

reference_url

https://github.com/python/cpython/pull/135037

reference_id

135037

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/pull/135037

reference_url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_id

19de092debb3d7e832e5672cc2f7b788d35951da

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370016
reference_id	2370016
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370016

reference_url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_id

28463dba112af719df1e8b0391c46787ad756dd9

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_id

3612d8f51741b11f36f8fb0494d79086bac9390a

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_id

4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_id

52398e33eff261329a0180ac1d54f42f

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_id

9c1110ef6652687d7c55f590f909720eddde965a

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_id

9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_id

aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_id

dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_url	https://security.gentoo.org/glsa/202506-07
reference_id	GLSA-202506-07
reference_type
scores
url	https://security.gentoo.org/glsa/202506-07

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_id

MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG

reference_type

scores

value	9.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_url	https://access.redhat.com/errata/RHSA-2025:10026
reference_id	RHSA-2025:10026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10026

reference_url	https://access.redhat.com/errata/RHSA-2025:10028
reference_id	RHSA-2025:10028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10028

reference_url	https://access.redhat.com/errata/RHSA-2025:10031
reference_id	RHSA-2025:10031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10031

reference_url	https://access.redhat.com/errata/RHSA-2025:10128
reference_id	RHSA-2025:10128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10128

reference_url	https://access.redhat.com/errata/RHSA-2025:10136
reference_id	RHSA-2025:10136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10136

reference_url	https://access.redhat.com/errata/RHSA-2025:10140
reference_id	RHSA-2025:10140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10140

reference_url	https://access.redhat.com/errata/RHSA-2025:10148
reference_id	RHSA-2025:10148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10148

reference_url	https://access.redhat.com/errata/RHSA-2025:10189
reference_id	RHSA-2025:10189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10189

reference_url	https://access.redhat.com/errata/RHSA-2025:10399
reference_id	RHSA-2025:10399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10399

reference_url	https://access.redhat.com/errata/RHSA-2025:10484
reference_id	RHSA-2025:10484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10484

reference_url	https://access.redhat.com/errata/RHSA-2025:10602
reference_id	RHSA-2025:10602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10602

reference_url	https://access.redhat.com/errata/RHSA-2025:11386
reference_id	RHSA-2025:11386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11386

reference_url	https://access.redhat.com/errata/RHSA-2025:13267
reference_id	RHSA-2025:13267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13267

reference_url	https://access.redhat.com/errata/RHSA-2025:18219
reference_id	RHSA-2025:18219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18219

reference_url	https://access.redhat.com/errata/RHSA-2025:23530
reference_id	RHSA-2025:23530
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23530

reference_url	https://access.redhat.com/errata/RHSA-2025:9918
reference_id	RHSA-2025:9918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9918

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://usn.ubuntu.com/7583-1/
reference_id	USN-7583-1
reference_type
scores
url	https://usn.ubuntu.com/7583-1/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2025-4517

risk_score 4.2

exploitability 0.5

weighted_severity 8.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-fs6p-qqdd

url VCID-8zdt-4q7m-t7ht

vulnerability_id VCID-8zdt-4q7m-t7ht

summary Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4330

reference_id

reference_type

scores

value	0.01012
scoring_system	epss
scoring_elements	0.77068
published_at	2026-04-02T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77166
published_at	2026-04-18T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77097
published_at	2026-04-04T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.7708
published_at	2026-04-07T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77112
published_at	2026-04-08T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77122
published_at	2026-04-09T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77149
published_at	2026-04-11T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77128
published_at	2026-04-12T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77123
published_at	2026-04-13T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77164
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4330

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/135034

reference_id

135034

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/issues/135034

reference_url

https://github.com/python/cpython/pull/135037

reference_id

135037

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/pull/135037

reference_url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_id

19de092debb3d7e832e5672cc2f7b788d35951da

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370014
reference_id	2370014
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370014

reference_url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_id

28463dba112af719df1e8b0391c46787ad756dd9

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_id

3612d8f51741b11f36f8fb0494d79086bac9390a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_id

4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_id

52398e33eff261329a0180ac1d54f42f

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f

reference_url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_id

9c1110ef6652687d7c55f590f909720eddde965a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_id

9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_id

aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_id

dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_url	https://security.gentoo.org/glsa/202506-07
reference_id	GLSA-202506-07
reference_type
scores
url	https://security.gentoo.org/glsa/202506-07

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_id

MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_url	https://access.redhat.com/errata/RHSA-2025:10026
reference_id	RHSA-2025:10026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10026

reference_url	https://access.redhat.com/errata/RHSA-2025:10028
reference_id	RHSA-2025:10028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10028

reference_url	https://access.redhat.com/errata/RHSA-2025:10031
reference_id	RHSA-2025:10031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10031

reference_url	https://access.redhat.com/errata/RHSA-2025:10128
reference_id	RHSA-2025:10128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10128

reference_url	https://access.redhat.com/errata/RHSA-2025:10136
reference_id	RHSA-2025:10136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10136

reference_url	https://access.redhat.com/errata/RHSA-2025:10140
reference_id	RHSA-2025:10140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10140

reference_url	https://access.redhat.com/errata/RHSA-2025:10148
reference_id	RHSA-2025:10148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10148

reference_url	https://access.redhat.com/errata/RHSA-2025:10189
reference_id	RHSA-2025:10189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10189

reference_url	https://access.redhat.com/errata/RHSA-2025:10399
reference_id	RHSA-2025:10399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10399

reference_url	https://access.redhat.com/errata/RHSA-2025:10484
reference_id	RHSA-2025:10484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10484

reference_url	https://access.redhat.com/errata/RHSA-2025:10602
reference_id	RHSA-2025:10602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10602

reference_url	https://access.redhat.com/errata/RHSA-2025:13267
reference_id	RHSA-2025:13267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13267

reference_url	https://access.redhat.com/errata/RHSA-2025:23530
reference_id	RHSA-2025:23530
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23530

reference_url	https://access.redhat.com/errata/RHSA-2025:9918
reference_id	RHSA-2025:9918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9918

reference_url	https://usn.ubuntu.com/7583-1/
reference_id	USN-7583-1
reference_type
scores
url	https://usn.ubuntu.com/7583-1/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2025-4330

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zdt-4q7m-t7ht

url VCID-bn83-d2qp-9bfy

vulnerability_id VCID-bn83-d2qp-9bfy

summary cpython: Missing character filtering in Python

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-11468

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11821
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11595
published_at	2026-04-18T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11863
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11649
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11734
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11787
published_at	2026-04-09T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11797
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11759
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11733
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11597
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-11468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094

reference_id

003b8315669b9f08b1010a49071f73f15f818094

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786
reference_id	1126786
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787
reference_id	1126787
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788
reference_id	1126788
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788

reference_url

https://github.com/python/cpython/issues/143935

reference_id

143935

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/issues/143935

reference_url

https://github.com/python/cpython/pull/143936

reference_id

143936

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/pull/143936

reference_url

https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

reference_id

17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431375
reference_id	2431375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431375

reference_url

https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6

reference_id

61614a5e5056e4f61ced65008d4576f3df34acb6

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6

reference_url

https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66

reference_id

a76e4cd62dd68e7cbe86e37e6ed988495a646b66

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66

reference_url

https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

reference_id

e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

reference_url

https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796

reference_id

f738386838021c762efea6c9802c82de65e87796

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/

reference_id

FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2025-11468

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bn83-d2qp-9bfy

url VCID-eer2-83dz-ryea

vulnerability_id VCID-eer2-83dz-ryea

summary

Jython Improper Access Restrictions vulnerability
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

references

reference_url

http://advisories.mageia.org/MGASA-2015-0096.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://advisories.mageia.org/MGASA-2015-0096.html

reference_url

http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2027.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2027.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2027

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05705
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05717
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0571
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0575
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05776
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05753
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05746
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05741
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05696
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05642
published_at	2026-04-01T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05676
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2027

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=947949

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=947949

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2027
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2027

reference_url

https://github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWS#L25C8-L25C15

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWS#L25C8-L25C15

reference_url

https://github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2015:158

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.mandriva.com/security/advisories?name=MDVSA-2015:158

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777079
reference_id	777079
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777079

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2027

reference_id

CVE-2013-2027

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2027

reference_url

https://github.com/advisories/GHSA-9347-9w64-q5wp

reference_id

GHSA-9347-9w64-q5wp

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9347-9w64-q5wp

fixed_packages

url	pkg:deb/debian/jython@2.7.1%2Brepack-1?distro=trixie
purl	pkg:deb/debian/jython@2.7.1%2Brepack-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.1%252Brepack-1%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2013-2027, GHSA-9347-9w64-q5wp

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eer2-83dz-ryea

url VCID-q6g1-cjz3-77e4

vulnerability_id VCID-q6g1-cjz3-77e4

summary cpython: Tarfile extracts filtered members when errorlevel=0

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4435

reference_id

reference_type

scores

value	0.00541
scoring_system	epss
scoring_elements	0.67621
published_at	2026-04-02T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67712
published_at	2026-04-18T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67642
published_at	2026-04-04T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67622
published_at	2026-04-07T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67673
published_at	2026-04-08T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67688
published_at	2026-04-09T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67711
published_at	2026-04-11T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67696
published_at	2026-04-12T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67663
published_at	2026-04-13T12:55:00Z

value	0.00541
scoring_system	epss
scoring_elements	0.67699
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4435

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/135034

reference_id

135034

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/issues/135034

reference_url

https://github.com/python/cpython/pull/135037

reference_id

135037

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/pull/135037

reference_url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_id

19de092debb3d7e832e5672cc2f7b788d35951da

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370010
reference_id	2370010
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370010

reference_url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_id

28463dba112af719df1e8b0391c46787ad756dd9

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9

reference_url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_id

3612d8f51741b11f36f8fb0494d79086bac9390a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a

reference_url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_id

4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e

reference_url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_id

9c1110ef6652687d7c55f590f909720eddde965a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a

reference_url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_id

9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a

reference_url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_id

aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01

reference_url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_id

dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_id

MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/

reference_url	https://access.redhat.com/errata/RHSA-2025:10026
reference_id	RHSA-2025:10026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10026

reference_url	https://access.redhat.com/errata/RHSA-2025:10028
reference_id	RHSA-2025:10028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10028

reference_url	https://access.redhat.com/errata/RHSA-2025:10031
reference_id	RHSA-2025:10031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10031

reference_url	https://access.redhat.com/errata/RHSA-2025:10128
reference_id	RHSA-2025:10128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10128

reference_url	https://access.redhat.com/errata/RHSA-2025:10136
reference_id	RHSA-2025:10136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10136

reference_url	https://access.redhat.com/errata/RHSA-2025:10140
reference_id	RHSA-2025:10140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10140

reference_url	https://access.redhat.com/errata/RHSA-2025:10148
reference_id	RHSA-2025:10148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10148

reference_url	https://access.redhat.com/errata/RHSA-2025:10189
reference_id	RHSA-2025:10189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10189

reference_url	https://access.redhat.com/errata/RHSA-2025:10399
reference_id	RHSA-2025:10399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10399

reference_url	https://access.redhat.com/errata/RHSA-2025:10484
reference_id	RHSA-2025:10484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10484

reference_url	https://access.redhat.com/errata/RHSA-2025:10602
reference_id	RHSA-2025:10602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10602

reference_url	https://access.redhat.com/errata/RHSA-2025:13267
reference_id	RHSA-2025:13267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13267

reference_url	https://access.redhat.com/errata/RHSA-2025:23530
reference_id	RHSA-2025:23530
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23530

reference_url	https://access.redhat.com/errata/RHSA-2025:9918
reference_id	RHSA-2025:9918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9918

reference_url	https://usn.ubuntu.com/7583-1/
reference_id	USN-7583-1
reference_type
scores
url	https://usn.ubuntu.com/7583-1/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2025-4435

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q6g1-cjz3-77e4

url VCID-vkq3-8asa-77aj

vulnerability_id VCID-vkq3-8asa-77aj

summary Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.

references

reference_url

http://bugs.jython.org/issue2454

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://bugs.jython.org/issue2454

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4000.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4000.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4000

reference_id

reference_type

scores

value	0.12492
scoring_system	epss
scoring_elements	0.93923
published_at	2026-04-12T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93922
published_at	2026-04-13T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93919
published_at	2026-04-09T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93915
published_at	2026-04-08T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93906
published_at	2026-04-07T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93903
published_at	2026-04-04T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93894
published_at	2026-04-02T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93885
published_at	2026-04-01T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93949
published_at	2026-04-18T12:55:00Z

value	0.12492
scoring_system	epss
scoring_elements	0.93944
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4000

reference_url

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864859

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000

reference_url	https://github.com/frohoff/ysoserial/blob/master/src/main/java/ysoserial/payloads/Jython1.java
reference_id
reference_type
scores
url	https://github.com/frohoff/ysoserial/blob/master/src/main/java/ysoserial/payloads/Jython1.java

reference_url	https://github.com/jythontools/jython/commit/4c337213bd2964bb36cef2d31509b49647ca6f2a
reference_id
reference_type
scores
url	https://github.com/jythontools/jython/commit/4c337213bd2964bb36cef2d31509b49647ca6f2a

reference_url

https://hg.python.org/jython/file/v2.7.1rc1/NEWS

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://hg.python.org/jython/file/v2.7.1rc1/NEWS

reference_url

https://hg.python.org/jython/rev/d06e29d100c0

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://hg.python.org/jython/rev/d06e29d100c0

reference_url

https://lists.apache.org/thread.html/0919ec1db20b1022f22b8e78f355667df74d6142b463ff17d03ad533@%3Cdevnull.infra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/0919ec1db20b1022f22b8e78f355667df74d6142b463ff17d03ad533@%3Cdevnull.infra.apache.org%3E

reference_url

https://security.gentoo.org/glsa/201710-28

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201710-28

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGPYTHON-31451

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JAVA-ORGPYTHON-31451

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

http://www.debian.org/security/2017/dsa-3893

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2017/dsa-3893

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1461928
reference_id	1461928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1461928

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4000

reference_id

CVE-2016-4000

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4000

reference_url

https://security-tracker.debian.org/tracker/CVE-2016-4000

reference_id

CVE-2016-4000

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2016-4000

reference_url

https://github.com/advisories/GHSA-6r7r-jj8h-pq6v

reference_id

GHSA-6r7r-jj8h-pq6v

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-6r7r-jj8h-pq6v

fixed_packages

url	pkg:deb/debian/jython@2.5.3-17?distro=trixie
purl	pkg:deb/debian/jython@2.5.3-17?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.5.3-17%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2016-4000, GHSA-6r7r-jj8h-pq6v

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkq3-8asa-77aj

url VCID-zxzn-25zt-ukct

vulnerability_id VCID-zxzn-25zt-ukct

summary Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4786

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.02998
published_at	2026-04-18T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.0299
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/148169

reference_id

148169

reference_type

scores

value	7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/

url

https://github.com/python/cpython/issues/148169

reference_url

https://github.com/python/cpython/pull/148170

reference_id

148170

reference_type

scores

value	7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/

url

https://github.com/python/cpython/pull/148170

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458049
reference_id	2458049
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458049

reference_url

https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca

reference_id

c5767a72838a8dda9d6dc5d3558075b055c56bca

reference_type

scores

value	7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/

url

https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca

reference_url

https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff

reference_id

d22922c8a7958353689dc4763dd72da2dea03fff

reference_type

scores

value	7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/

url

https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff

reference_url

https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769

reference_id

f4654824ae0850ac87227fb270f9057477946769

reference_type

scores

value	7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/

url

https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/

reference_id

JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5

reference_type

scores

value	7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/

fixed_packages

url	pkg:deb/debian/jython@0?distro=trixie
purl	pkg:deb/debian/jython@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

purl pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-v84j-ugn9-w3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

url pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

purl pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zxzn-25zt-ukct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie

aliases CVE-2026-4786

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zxzn-25zt-ukct

Risk_score 2.8

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie

Package Instance