VDB
CVE-2016-4000
CVE-2016-4000
PUBLISHED
Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.
EPSS 12.49% · 94.1th percentile
Risk Scores
EPSS Score
12.49%
94.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:14.04:LTS | jython | 0, 2.5.3-1, 2.5.2-2 |
| Ubuntu:16.04:LTS | jython | 2.5.3-8, 0, 2.5.3-9 |
Exploit Intelligence
- DSA-3893 (circl)
- GLSA-201710-28 (circl)
- 105647 (circl)
- [infra-devnull] 20190402 [GitHub] [flink] aloyszhang opened pull request #8100: [FLINK-12082] Bump up the jython-standalone version (circl)
- https://www.oracle.com/security-alerts/cpuapr2020.html (circl)
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html (circl)
- https://www.oracle.com/security-alerts/cpujul2020.html (circl)
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html (circl)
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html (circl)
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html (circl)
…and 7 more exploits
Timeline
- Jul 6, 2017 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2016-4000 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2016-4000 third-party-advisory