Overview
Versions of uglify-js
prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification.
Remediation
Upgrade UglifyJS to version >= 2.4.24.
Resources
Have content suggestions? Send them to [email protected]
Advisory timeline
published
Advisory publishedAug 24th, 2015reported
Initial report by Tom MacWrightOct 17th, 2015