Vulnerability Details CVE-2015-8857
The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2015-8857
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.7
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.1.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.1.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.10
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.11
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.7
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.8
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.9
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.10
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.11
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.12
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.13
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.14
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.15
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.16
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.17
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.18
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.19
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.20
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.21
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.22
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.23
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.7
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.8
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.9