Jython main dependency bundles a bunch of external libs, many of which are rather old versions. Bouncy castle in particular is currently bcprov-jdk18on-1.78.1.jar
So, the entire Python latest version is red-flagged with CVSS 8.9 CVE vulnerability.
Please update this in 2.7.5
Jython main dependency bundles a bunch of external libs, many of which are rather old versions. Bouncy castle in particular is currently bcprov-jdk18on-1.78.1.jar
So, the entire Python latest version is red-flagged with CVSS 8.9 CVE vulnerability.
Please update this in 2.7.5