Описание
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Отчет
This issue affects the versions of jython as shipped with Red Hat Enterprise Linux version 5 and 6. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | jython | Will not fix | ||
| Red Hat JBoss Enterprise Application Platform 6 | jython | Will not fix | ||
| Red Hat JBoss SOA Platform 4.3 | jython | Will not fix | ||
| Red Hat JBoss SOA Platform 5 | jython | Will not fix | ||
| Red Hat Satellite 5.4 | jython | Will not fix | ||
| Red Hat Satellite 5.5 | jython | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS2
Связанные уязвимости
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Jython 2.2.1 uses the current umask to set the privileges of the class ...
EPSS
3.7 Low
CVSS2