VulnerableCode Package Details - pkg:maven/org.python/jython@2.7.1-b3

Search for packages

Package details: pkg:maven/org.python/jython@2.7.1-b3

purl	pkg:maven/org.python/jython@2.7.1-b3
Tags	Ghost

Next non-vulnerable version	2.7.2b2
Latest non-vulnerable version	2.7.2b2
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-s37h-9fw6-aaab Aliases: CVE-2016-4000 GHSA-6r7r-jj8h-pq6v	Deserialization Gadget This package allows attackers to execute arbitrary code via a crafted serialized PyFunction object.	2.7.1-rc1 Affected by 0 other vulnerabilities. 2.7.2b2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-s37h-9fw6-aaab
Aliases:
CVE-2016-4000
GHSA-6r7r-jj8h-pq6v

Deserialization Gadget This package allows attackers to execute arbitrary code via a crafted serialized PyFunction object.

2.7.1-rc1
Affected by 0 other vulnerabilities.

2.7.2b2
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-01-17T02:30:05.882507+00:00	GHSA Importer	Affected by	VCID-s37h-9fw6-aaab	None	35.1.0
2024-09-17T22:40:16.427395+00:00	GitLab Importer	Affected by	VCID-s37h-9fw6-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.python/jython/CVE-2016-4000.yml	34.0.1
2024-09-17T22:04:28.215591+00:00	GHSA Importer	Affected by	VCID-s37h-9fw6-aaab	https://github.com/advisories/GHSA-6r7r-jj8h-pq6v	34.0.1
2024-01-03T18:02:43.367168+00:00	GitLab Importer	Affected by	VCID-s37h-9fw6-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.python/jython/CVE-2016-4000.yml	34.0.0rc1
2024-01-03T17:39:17.673223+00:00	GHSA Importer	Affected by	VCID-s37h-9fw6-aaab	https://github.com/advisories/GHSA-6r7r-jj8h-pq6v	34.0.0rc1