From 67e35cb8bcd4240bf02ebf02aafd9bd7daf9e110 Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Tue, 9 Dec 2025 16:46:26 +0300
Subject: [PATCH] CVE-2025-66453 Rhino has high CPU usage and potential DoS

---
 pom.xml                   | 3 ++-
 script/javascript/pom.xml | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index fe269fc87..1160ab7ac 100644
--- a/pom.xml
+++ b/pom.xml
@@ -205,7 +205,8 @@
         <jackson.version>2.15.4</jackson.version>
         <slf4j.version>2.0.17</slf4j.version>
         <swagger.version>1.6.11</swagger.version>
-        <rhino.version>1.7.14</rhino.version>
+        <rhino.version>1.7.15.1</rhino.version>
+        <rhino.servicemix.version>1.7.15_1</rhino.servicemix.version>
         <jetty.version>11.0.25</jetty.version>
         <grizzly-framework.version>3.0.1</grizzly-framework.version>
         <servlet-api.version>5.0.0</servlet-api.version>
diff --git a/script/javascript/pom.xml b/script/javascript/pom.xml
index a4b792166..23ef91bfe 100644
--- a/script/javascript/pom.xml
+++ b/script/javascript/pom.xml
@@ -67,7 +67,7 @@
         <dependency>
             <groupId>org.apache.servicemix.bundles</groupId>
             <artifactId>org.apache.servicemix.bundles.rhino</artifactId>
-            <version>${rhino.version}_2</version>
+            <version>${rhino.servicemix.version}</version>
         </dependency>
         <!--
         <dependency>