1
Candidate: CVE-2015-8857
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8857
5
https://nodesecurity.io/advisories/39
6
http://www.openwall.com/lists/oss-security/2016/04/20/11
9
The uglify-js package before 2.4.24 for Node.js does not properly account
10
for non-boolean values when rewriting boolean expressions, which might
11
allow attackers to bypass security mechanisms or possibly have unspecified
12
other impact by leveraging improperly rewritten Javascript.
21
upstream: https://github.com/mishoo/UglifyJS2/commit/905b6011784ca60d41919ac1a499962b7c1d4b02
22
upstream_uglifyjs: released (2.4.24)
23
precise_uglifyjs: ignored (reached end-of-life)
24
precise/esm_uglifyjs: DNE (precise was needed)
25
trusty_uglifyjs: needed
26
vivid/stable-phone-overlay_uglifyjs: DNE
27
vivid/ubuntu-core_uglifyjs: DNE
28
wily_uglifyjs: ignored (reached end-of-life)
29
xenial_uglifyjs: needed
30
yakkety_uglifyjs: ignored (reached end-of-life)
31
zesty_uglifyjs: ignored (reached end-of-life)
32
artful_uglifyjs: needed
33
bionic_uglifyjs: needed
34
devel_uglifyjs: needed