Information on source package jython

Available versions

ReleaseVersion
bullseye2.7.2+repack1-3
bookworm2.7.3+repack1-1
trixie2.7.3+repack1-1
sid2.7.3+repack1-1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2025-6069vulnerablevulnerable (no DSA)vulnerablevulnerableThe html.parser.HTMLParser class had worse-case quadratic complexity w ...
CVE-2019-16935vulnerable (no DSA, ignored)fixedfixedfixedThe documentation XML-RPC server in Python through 2.7.16, 3.x through ...

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2017-17522vulnerablevulnerablevulnerablevulnerableLib/webbrowser.py in Python through 3.6.3 does not validate strings be ...

Resolved issues

BugDescription
CVE-2025-4517Allows arbitrary filesystem writes outside the extraction directory du ...
CVE-2025-4435When using a TarFile.errorlevel = 0and extracting with a filter the do ...
CVE-2025-4330Allows the extraction filter to be ignored, allowing symlink targets t ...
CVE-2025-4138Allows the extraction filter to be ignored, allowing symlink targets t ...
CVE-2024-12718Allows modifying some file metadata (e.g. last modified) with filter=" ...
CVE-2016-4000Jython before 2.7.1rc1 allows attackers to execute arbitrary code via ...
CVE-2013-2027Jython 2.2.1 uses the current umask to set the privileges of the class ...

Security announcements

DSA / DLADescription
DSA-3893-1jython - security update
DLA-989-1jython - security update

Search for package or bug name: Reporting problems