Deserialization of Untrusted Data in Jython
Jython before 2.7.1b3 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.
Jython before 2.7.1b3 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.