
18 matches found

OpenVAS
added 2026/03/09 12:0 a.m., 2 views

SUSE: Security Advisory (SUSE-SU-2026:20603-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 6.7, EPSS 0.00235
Exploits 0, References 4
OSV
added 2026/03/02 4:0 p.m., 8 views

SUSE-SU-2026:20603-1 Security update for rhino

This update for rhino fixes the following issues: Update to 1.7.15.1: - CVE-2025-66453: Fixed a problem with formatting of floating-point numbers to strings that may result in DoS bsc1254481...

CVSS 7.5, AI score 5.8, EPSS 0.00235
Exploits 0, References 3
IBM Security Bulletins
added 2026/03/02 10:5 a.m., 10 views

Security Bulletin: There is a vulnerability in rhino-1.7.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-66453)

Summary: There is a vulnerability in rhino-1.7.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2025-66453. DESCRIPTION: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1...

CVSS 7.5, AI score 6, EPSS 0.00235
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2026/02/17 10:9 p.m., 10 views

Security Bulletin: IBM i is affected by denial of service vulnerabilities in Db2 JSON Store Technology Preview [CVE-2025-66453]

Summary: Db2 for IBM i JSON Store Technology Preview is vulnerable to a denial of service when using the toFixed function (CVE-2025-66453) as described in the vulnerability details section. Vulnerability Details: CVEID: CVE-2025-66453. DESCRIPTION: Rhino is an open-source implementation of JavaScript...

CVSS 7.5, AI score 5.6, EPSS 0.00235
Exploits 0, Affected Software 4
Tenable Nessus
added 2026/01/08 12:0 a.m., 4 views

Amazon Linux 2023 : rhino, rhino-engine, rhino-javadoc (ALAS2023-2025-1339)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1339 advisory. Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker-controlled floating-point number into the...

CVSS 7.5, AI score 5.4, EPSS 0.00235
Exploits 0, References 4
Amazon
added 2026/01/07 12:0 a.m., 5 views

Medium: rhino

Issue Overview: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker-controlled floating-point number into the toFixed function, it might lead to high CPU consumption and a potential Denial of...

CVSS 6.9, AI score 6.7, EPSS 0.00235
Exploits 0
OpenVAS
added 2025/12/15 12:0 a.m., 1 view

SUSE: Security Advisory (SUSE-SU-2025:4390-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 6.7, EPSS 0.00235
Exploits 0, References 4
Tenable Nessus
added 2025/12/13 12:0 a.m., 2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rhino (SUSE-SU-2025:4390-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4390-1 advisory. Update to version 1.7.15.1. Security issues fixed: - CVE-2025-66453: high CPU consumption when processing...

CVSS 7.5, AI score 5.5, EPSS 0.00235
Exploits 0, References 4
SUSE Linux
added 2025/12/12 4:18 p.m., 6 views

Security update for rhino

This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: Version 1.7.15: Basic support for "rest parameters"...

CVSS 6.9, AI score 7.1, EPSS 0.00235
Exploits 0, References 4
OSV
added 2025/12/12 4:18 p.m., 2 views

SUSE-SU-2025:4390-1 Security update for rhino

This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: - CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: - Version 1.7.15: Basic support for 'rest parameters'...

CVSS 7.5, AI score 6.9, EPSS 0.00235
Exploits 0, References 3
Tenable Nessus
added 2025/12/04 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-66453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker...

CVSS 7.5, AI score 7.2, EPSS 0.00235
Exploits 0, References 3
OSV
added 2025/12/03 8:16 p.m., 3 views

UBUNTU-CVE-2025-66453

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker-controlled floating-point number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

CVSS 7.5, AI score 6.7, EPSS 0.00235
Exploits 0, References 3
OSV
added 2025/12/03 7:31 p.m., 3 views

CVE-2025-66453 Rhino vulnerable high CPU usage and potential DoS when passing specific numbers to toFixed() function

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker-controlled floating-point number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

CVSS 6.9, AI score 6.6, EPSS 0.00235
Exploits 0, References 3
Debian CVE
added 2025/12/03 7:31 p.m., 4 views

CVE-2025-66453

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker-controlled floating-point number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

CVSS 7.5, AI score 7.6, EPSS 0.00235
Exploits 0
vulnersOsv
added 2025/12/03 4:57 p.m., 7 views

ai.konduit.serving:konduit-serving-clients (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-distro-bom (>=0.0.2 <=0.3.0) +4114 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (>=1.7R3 <=1.7.14)

org.mozilla:rhino MAVEN version =1.7R3, =0.0.2, =0.0.2, =0.1-1, =1.0, =1.0, =1.0, =1.2.1 - blog.svenbayer:spring-cloud-contract-swagger =1.2.0.RELEASE - br.com.objectos.jabuticava:boleto =0.3.0 - br.com.objectos.jabuticava:duplicata =0.3.0 - br.com.objectos:boleto =0.1.0 - br.com.objectos:duplica...

CVSS 7.5, AI score 7.4, EPSS 0.00235
Exploits 0
vulnersOsv
added 2025/12/03 4:57 p.m., 5 views

ch.reportingsoft.birt:birt-runtime-bundle (>=4.19.0 <=4.20.0), cloud.wondrify:coffee-asset-pipeline (>=5.0.10 <=5.1.0-M4) +163 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.8.0)

org.mozilla:rhino MAVEN version =1.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ch.reportingsoft.birt:birt-runtime-bundle =4.19.0, =5.0.10, =5.0.10, =5.0.10, =10.2.1, =8.0.0, =8.0.0, =5.0.6, =5.0.6, =5.0....

CVSS 7.5, AI score 7.2, EPSS 0.00235
Exploits 0
vulnersOsv
added 2025/12/03 4:57 p.m., 8 views

ch.reportingsoft.birt:birt-runtime-bundle (>=4.19.0 <=4.20.0), cloud.wondrify:coffee-asset-pipeline (>=5.0.10 <=5.1.0-M4) +163 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.8.0)

org.mozilla:rhino MAVEN version =1.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ch.reportingsoft.birt:birt-runtime-bundle =4.19.0, =5.0.10, =5.0.10, =5.0.10, =10.2.1, =8.0.0, =8.0.0, =5.0.6, =5.0.6, =5.0....

CVSS 7.5, AI score 7.2, EPSS 0.00235
Exploits 0
vulnersOsv
added 2025/12/03 4:57 p.m., 8 views

ca.weblite:teavm-lambda-demo-auth (>=0.1.5 <=0.1.6), ca.weblite:teavm-lambda-demo-features (>=0.1.5 <=0.1.6) +231 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.7.15)

org.mozilla:rhino MAVEN version =1.7.15 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ca.weblite:teavm-lambda-demo-auth =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.1, =0.1.1, =0.1.4, =1.9.0, =2.43.0,...

CVSS 7.5, AI score 6.5, EPSS 0.00235
Exploits 0