5 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a regular...
04_nodeblog (=1.0.0), 08cms (=1.0.0) +17230 more potentially affected by CVE-2015-8858 via uglify-js (>=0.0.1 <=2.5.0)
uglify-js NPM version =0.0.1, =0.3.0, =0.0.1, =1.0.2, =1.0.1, =1.0.0, =0.0.1, =1.0.0-alpha - 3vot-clay =2.0.1 and more Source cves: CVE-2015-8858 Source advisory: OSV:GHSA-C9F4-XJ24-8JQX...
CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...
CVE-2015-8858
CVE-2015-8858 : The vulnerability affects the uglify-js package before 2.6.0 used in Node.js, where a crafted input to parse() can trigger a regular expression denial of service (ReDoS) and cause high CPU usage. Root cause is a flaw in the regular expression handling within the parser. Impact is ...
CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...