Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
npm
@salesforce/code-analyzer-pmd-engine
0.16.0-SNAPSHOT
@salesforce/code-analyzer-pmd-engine 0.16.0-SNAPSHOT
Published
Dec 13, 2024
•
Policy
compliance
npm Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
34
Versions
34
Vulnerabilities
5
Vulnerabilities
5
Dependencies
2
Dependencies
2
Reset filters
Severity
Critical
(0)
High
(1)
Medium
(0)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
7.5
CVE-2025-66453
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
affected
Severity
High
Published
Dec 4, 2025
