CVE-2016-4000by Jeremyin Security Bulletinson Posted on July 6, 2017 Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.