Azure Linux 3.0 Security Update: uglify-js (CVE-2022-25858)

The version of uglify-js installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-25858 advisory. - The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial...

The vulnerability of the uglify-js library in the Aurora application software involves an uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the uglify-js library in Aurora application software is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to deny services through the use of a specially crafted regular expression...

04_nodeblog (=1.0.0), 08cms (=1.0.0) +17241 more potentially affected by CVE-2015-8858 via uglify-js (>=0.0.1 <=2.5.0)

uglify-js NPM version =0.0.1, =0.3.0, =0.0.1, =1.0.2, =1.0.1, =1.0.0, =0.0.1, =1.0.0-alpha - 3vot-clay =2.0.1 and more Source cves: CVE-2015-8858 Source advisory: OSV:GHSA-C9F4-XJ24-8JQX...