ca.weblite:teavm-lambda-demo-auth (>=0.1.5 <=0.1.6), ca.weblite:teavm-lambda-demo-features (>=0.1.5 <=0.1.6) +221 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.7.15)

org.mozilla:rhino MAVEN version =1.7.15 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ca.weblite:teavm-lambda-demo-auth =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.1, =0.1.1, =0.1.4, =1.9.0, =2.43.0,...

ai.konduit.serving:konduit-serving-clients (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-distro-bom (>=0.0.2 <=0.3.0) +4114 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (>=1.7R3 <=1.7.14)

org.mozilla:rhino MAVEN version =1.7R3, =0.0.2, =0.0.2, =0.1-1, =1.0, =1.0, =1.0, =1.2.1 - blog.svenbayer:spring-cloud-contract-swagger =1.2.0.RELEASE - br.com.objectos.jabuticava:boleto =0.3.0 - br.com.objectos.jabuticava:duplicata =0.3.0 - br.com.objectos:boleto =0.1.0 - br.com.objectos:duplica...

Mozilla Rhino 资源管理错误漏洞

Mozilla Rhino is an open source JavaScript engine from Mozilla Corporation. A resource management error vulnerability exists in Mozilla Rhino versions 1.8.1, 1.7.15.1, and prior to 1.7.14.1, which stems from the improper handling of floating point numbers by the toFixed function, which could lead...

Exploit for CVE-2023-21939

JDK CVE-2023-21939 文章链接https://mp.weixin.qq.com/s?biz=M...

JVN#34535327: HtmlUnit vulenerable to arbitrary code execution

HtmlUnit is a Java-based library which provides web browser functionality to Java programs, and it supports JavaScript evaluation with embedded Mozilla Rhino engine. Mozilla Rhino engine offers a feature to make Java objects available from JavaScript. HtmlUnit initializes Rhino engine improperly,...

BurpSuiteJSBeautifier - Burp Suite JavaScript Beautifier

Most of the websites compress their resources such as JS files in order to increase the loading speed. However, security testing and debugging a compressed resource is not an easy task. This is a Burp Suite open source extension which makes it possible to beautify most of the resources properly...

JDownloader JDExternInterface.java远程代码执行漏洞

BUGTRAQ ID: 38143 JDownloader是专为Rapidshare等站点设计的网盘下载工具。 JDownloader在下载过程中所传输的密钥可能为明文或JavaScript代码，之后在Mozilla Rhino Javascript实现中执行。以下是相关代码: （plugins/JDExternInterface.jar/JDExternInterface.java）： String jk = Encoding.urlDecoderequest.getParameters.get"jk", false; ... Context cx = Context.enter;...

JDownloader concept included execution vulnerability

Exploit for unknown platform in category web applications ==================================================== JDownloader concept included execution vulnerability ==================================================== - -- Product JDownloader1 is an open source download manager for One-Click-...