Vulnerability Details CVE-2015-8857
The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2015-8857
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:0.0.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.0.7
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.1.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.1.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.2.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:1.3.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.10
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.11
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.7
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.8
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.1.9
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.2.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.3.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.0
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.1
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.10
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.11
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.12
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.13
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.14
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.15
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.16
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.17
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.18
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.19
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.2
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.20
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.21
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.22
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.23
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.3
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.4
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.5
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.6
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.7
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.8
-
cpe:2.3:a:uglifyjs_project:uglifyjs:2.4.9