CVE-2025-66453 Rhino has high CPU usage and potential DoS (#158)

maximthomas · web-flow · commit 38fc5f3b54c9 · 2025-12-10T08:32:37.000+03:00
diff --git a/pom.xml b/pom.xml
@@ -205,7 +205,8 @@
         <jackson.version>2.15.4</jackson.version>
         <slf4j.version>2.0.17</slf4j.version>
         <swagger.version>1.6.11</swagger.version>
-        <rhino.version>1.7.14</rhino.version>
+        <rhino.version>1.7.15.1</rhino.version>
+        <rhino.servicemix.version>1.7.15_1</rhino.servicemix.version>
         <jetty.version>11.0.25</jetty.version>
         <grizzly-framework.version>3.0.1</grizzly-framework.version>
         <servlet-api.version>5.0.0</servlet-api.version>
diff --git a/script/javascript/pom.xml b/script/javascript/pom.xml
@@ -67,7 +67,7 @@
         <dependency>
             <groupId>org.apache.servicemix.bundles</groupId>
             <artifactId>org.apache.servicemix.bundles.rhino</artifactId>
-            <version>${rhino.version}_2</version>
+            <version>${rhino.servicemix.version}</version>
         </dependency>
         <!--
         <dependency>
