From 820173ebf8810cc2f99085e709e21c8f22cf1702 Mon Sep 17 00:00:00 2001
From: Kakhnovich Raman <roma3122001@gmail.com>
Date: Fri, 20 Mar 2026 14:25:15 +0300
Subject: [PATCH 1/2] Update vulnerable rhino and jackson-databind dependencies

---
 core/pom.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 0dbcbba95..82580d40e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -50,6 +50,7 @@
     <dependency>
       <groupId>org.mozilla</groupId>
       <artifactId>rhino</artifactId>
+        <version>1.8.1</version>
     </dependency>
 
     <dependency>
@@ -94,7 +95,7 @@
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
-      <version>2.15.0</version>
+      <version>2.21.1</version>
     </dependency>
 
     <dependency>

From 2eab848915f8abb42f3c4826637799974854bdcb Mon Sep 17 00:00:00 2001
From: Kakhnovich Raman <roma3122001@gmail.com>
Date: Fri, 20 Mar 2026 14:33:03 +0300
Subject: [PATCH 2/2] Downgrade rhino version for java 8

---
 core/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/pom.xml b/core/pom.xml
index 82580d40e..9341791c7 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -50,7 +50,7 @@
     <dependency>
       <groupId>org.mozilla</groupId>
       <artifactId>rhino</artifactId>
-        <version>1.8.1</version>
+        <version>1.7.15.1</version>
     </dependency>
 
     <dependency>