We found results for “”
CVE-2013-2027
Good to know:
Date: February 13, 2015
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Language: Java
Severity Score
Related Resources (10)
Severity Score
Weakness Type (CWE)
Permissions, Privileges, and Access Control
CWE-264Top Fix
Upgrade Version
Upgrade to version org.python:jython-standalone:2.7.2b3,org.python:jython-standalone:2.7.2b3,org.python:jython-slim:2.7.2b3
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | LOW |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | LOCAL |
Access Complexity (AC): | LOW |
Authentication (AU): | NONE |
Confidentiality (C): | PARTIAL |
Integrity (I): | PARTIAL |
Availability (A): | PARTIAL |
Additional information: |