Linux Distros Unpatched Vulnerability : CVE-2015-8858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a regular...

Malicious code in geochemistry-panspermia-uglify-js-pulsar (npm)

The package geochemistry-panspermia-uglify-js-pulsar was found to contain malicious code...

Malicious code in abiogenesis-luminescence-uglify-js-mesosphere (npm)

The package abiogenesis-luminescence-uglify-js-mesosphere was found to contain malicious code...

AZL-44460 CVE-2022-25858 affecting package uglify-js for versions less than 3.19.3-11

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service ReDoS due to insecure usage of regular expressions...

The vulnerability of the uglify-js library in the Aurora application software involves an uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the uglify-js library in Aurora application software is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to deny services through the use of a specially crafted regular expression...

The vulnerability of the uglify-js library in the Aurora application software allows a hacker to execute arbitrary code by exploiting syntax errors in input data.

The vulnerability of the uglify-js library in the Avrora software application is related to syntax checking errors in input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted Java script...

GHSA-G6F4-J6C2-W3P3 High severity vulnerability that affects uglify-js

Withdrawn, accidental duplicate publish. The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperl...

04_nodeblog (=1.0.0), 08cms (=1.0.0) +17241 more potentially affected by CVE-2015-8858 via uglify-js (>=0.0.1 <=2.5.0)

uglify-js NPM version =0.0.1, =0.3.0, =0.0.1, =1.0.2, =1.0.1, =1.0.0, =0.0.1, =1.0.0-alpha - 3vot-clay =2.0.1 and more Source cves: CVE-2015-8858 Source advisory: OSV:GHSA-C9F4-XJ24-8JQX...

DEBIAN-CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

UBUNTU-CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...