5 matches found
ALPINE-CVE-2020-29362
An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving...
Jython: Arbitrary code execution
Background: An implementation of Python written in Java. Description: It was found that Jython is vulnerable to arbitrary code execution by sending a serialized function to the deserializer. Impact: Remote execution of arbitrary code by enticing a user to execute malicious code. Workaround: There is ...
Debian DSA-3893-1 : jython - security update
Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer. (C) Tenable Network Security, Inc. The...
[SECURITY] [DSA 3893-1] jython security update
Debian Security Advisory DSA-3893-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2017 https://www.debian.org/security/faq ...
Debian Security Advisory DSA 3893-1 (jython - security update)
Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer. OpenVAS Vulnerability Test $Id: deb3893.nasl 6782 2017-07-2...