VYPR

Maven package

org.mozilla/rhino

pkg:maven/org.mozilla/rhino

Vulnerabilities (1)

  • CVE-2025-66453HigDec 3, 2025
    affected < 1.7.14.1fixed 1.7.14.1

    Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of