CVE-2016-4000: jython: Unsafe deserialization leads to code execution

Severity: Critical

CVSS Score: 9.8

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.