8 matches found
Security Bulletin: Rhino CVE-2025-66453 security vulnerability in FileNet Content Manager
Summary Rhino CVE-2025-66453 security vulnerability in FileNet Content Manager. Affected and vulnerable Vulnerability Details CVEID:CVE-2025-66453 DESCRIPTION: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an applicatio...
Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to rhino
Summary IBM webMethods BPM uses rhino to embed a JavaScript engine for executing internal scripts related to business logic and configuration. Vulnerability Details CVEID:CVE-2025-66453 DESCRIPTION: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1,...
Security Bulletin: There is a vulnerability in rhino-1.7.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-66453)
Summary There is a vulnerability in rhino-1.7.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-66453 DESCRIPTION: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1...
Security Bulletin: IBM i is affected by denial of service vulnerabilities in Db2 JSON Store Technology Preview [CVE-2025-66453]
Summary Db2 for IBM i JSON Store Technology Preview is vulnerable to a denial of service when using the toFixed function CVE-2025-66453 as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2025-66453 DESCRIPTION: Rhino is an open-source implementation of JavaScript...
ai.konduit.serving:konduit-serving-clients (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-distro-bom (>=0.0.2 <=0.3.0) +4114 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (>=1.7R3 <=1.7.14)
org.mozilla:rhino MAVEN version =1.7R3, =0.0.2, =0.0.2, =0.1-1, =1.0, =1.0, =1.0, =1.2.1 - blog.svenbayer:spring-cloud-contract-swagger =1.2.0.RELEASE - br.com.objectos.jabuticava:boleto =0.3.0 - br.com.objectos.jabuticava:duplicata =0.3.0 - br.com.objectos:boleto =0.1.0 - br.com.objectos:duplica...
ch.reportingsoft.birt:birt-runtime-bundle (>=4.19.0 <=4.20.0), cloud.wondrify:coffee-asset-pipeline (>=5.0.10 <=5.1.0-M4) +163 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.8.0)
org.mozilla:rhino MAVEN version =1.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ch.reportingsoft.birt:birt-runtime-bundle =4.19.0, =5.0.10, =5.0.10, =5.0.10, =10.2.1, =8.0.0, =8.0.0, =5.0.6, =5.0.6, =5.0....
ai.konduit.serving:konduit-serving-clients (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-distro-bom (>=0.0.2 <=0.3.0) +4114 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (>=1.7R3 <=1.7.14)
org.mozilla:rhino MAVEN version =1.7R3, =0.0.2, =0.0.2, =0.1-1, =1.0, =1.0, =1.0, =1.2.1 - blog.svenbayer:spring-cloud-contract-swagger =1.2.0.RELEASE - br.com.objectos.jabuticava:boleto =0.3.0 - br.com.objectos.jabuticava:duplicata =0.3.0 - br.com.objectos:boleto =0.1.0 - br.com.objectos:duplica...
ca.weblite:teavm-lambda-demo-auth (>=0.1.5 <=0.1.6), ca.weblite:teavm-lambda-demo-features (>=0.1.5 <=0.1.6) +231 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.7.15)
org.mozilla:rhino MAVEN version =1.7.15 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ca.weblite:teavm-lambda-demo-auth =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.1, =0.1.1, =0.1.4, =1.9.0, =2.43.0,...