VDB

GCVE-110-MAGEIA-2015-454

GCVE-110-MAGEIA-2015-454
Advisory Published
Vulnetix · Advisory published November 19, 2015
The UglifyJS node module has a problem where the combination of De Morgan's Law and non-boolean values can lead to a case where code is incorrectly minified, which can lead to possibly malicious minified JS code.

Affected Products

VendorProductVersionsPlatforms
Mageianodejs-longest0 (affected), 1.0.1-1.mga5 (unaffected)
Mageianodejs-strip-ansi0 (affected), 3.0.0-1.mga5 (unaffected)
Mageianodejs-is-fullwidth-code-point0 (affected), 1.0.0-1.mga5 (unaffected)
Mageianodejs-repeat-string1.5.2-1.mga5 (unaffected), 0 (affected)
Mageianodejs-window-size0 (affected), 0.1.2-1.mga5 (unaffected)
Mageianodejs-wrap-ansi0 (affected), 1.0.0-1.mga5 (unaffected)
Mageianodejs-right-align0 (affected), 0.1.3-1.mga5 (unaffected)
Mageianodejs-code-point-at1.0.0-1.mga5 (unaffected), 0 (affected)
Mageianodejs-string-width0 (affected), 1.0.1-6.mga5 (unaffected)
Mageianodejs-minimist0 (affected), 1.2.0-1.mga5 (unaffected)
Mageianodejs-align-text0 (affected), 0.1.3-1.mga5 (unaffected)
Mageiauglify-js0 (affected), 2.4.24-3.mga5 (unaffected)
Mageianodejs-kind-of2.0.1-1.mga5 (unaffected), 0 (affected)
Mageianodejs-lcid0 (affected), 1.0.0-1.mga5 (unaffected)
Mageianodejs-cliui0 (affected), 3.0.3-1.mga5 (unaffected)
Mageianodejs-number-is-nan0 (affected), 1.0.0-1.mga5 (unaffected)
Mageianodejs-decamelize0 (affected), 1.0.0-1.mga5 (unaffected)
Mageianodejs-invert-kv0 (affected), 1.0.0-1.mga5 (unaffected)
Mageianodejs-yargs0 (affected), 3.28.0-2.mga5 (unaffected)
Mageianodejs-source-map0.5.1-1.1.mga5 (unaffected), 0 (affected)
Mageianodejs-y18n0 (affected), 3.2.0-1.mga5 (unaffected)
Mageianodejs-ansi-regex0 (affected), 2.0.0-1.mga5 (unaffected)
Mageianodejs-camelcase1.2.1-1.mga5 (unaffected), 0 (affected)
Mageianodejs-os-locale1.4.0-1.mga5 (unaffected), 0 (affected)
Mageianodejs-center-align0.1.1-1.mga5 (unaffected), 0 (affected)
Mageianodejs-is-buffer0 (affected), 1.1.0-1.mga5 (unaffected)

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›