VYPR
Critical severity9.8NVD Advisory· Published Jan 23, 2017· Updated Jun 17, 2026

CVE-2015-8857

CVE-2015-8857

Description

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
uglify-jsnpm
< 2.4.242.4.24
uglifierRubyGems
< 2.7.22.7.2

Affected products

3

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.