Uploaded image for project: 'Common Controller SDK'
  1. Common Controller SDK
  2. CCSDK-982

Multiple CVES: jython-standalone

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Medium Medium
    • Kohn Release
    • Dublin Release
    • cds

      Jython is vulnerable to the following CVE:

      https://nvd.nist.gov/vuln/detail/CVE-2018-18074
      https://nvd.nist.gov/vuln/detail/CVE-2018-20060
      https://nvd.nist.gov/vuln/detail/CVE-2019-11236
      https://nvd.nist.gov/vuln/detail/CVE-2019-9740

      Note: the last jython release, which we are currently using (2.7.1), was in 2017.  So it appears jython community is no longer active and therefore we should probably consider alternatives.

            ym9479 ym9479
            djtimoney Dan Timoney
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: