SUSE CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

Deserialization of Untrusted Data in Jython

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

GHSA-6R7R-JJ8H-PQ6V Deserialization of Untrusted Data in Jython

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

The vulnerability of the Jython software platform, related to the restoration of unreliable data in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Jython software platform lies in the possibility of restoring unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code using a specially created serialized object of type PyFunction...

Jython Arbitrary Code Execution Vulnerability

Jython is an implementation of the Python programming language that runs on the Java platform. An arbitrary code execution vulnerability exists in Jython. Allows an attacker to execute arbitrary code via specially designed serialized PyFunction objects...

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

Code injection

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

DEBIAN-CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

UBUNTU-CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

CVE-2016-4000

CVE-2016-4000 affects Oracle Enterprise Manager Base Platform (Jython) — a remote code execution via a crafted serialized PyFunction object. The GitHub advisory GHSA-6R7R-JJ8H-PQ6V corroborates deserialization of untrusted data in Jython and references the same CVE. Tenable Nessus entries (e.g., ...

Remote Code Execution (RCE)

Jython is vulnerable to remote code execution RCE. A malicious user can send a serialized pyfunction object to the system that when deserialized causes arbitrary code to be executed...