← All advisories

High severityNVD Advisory· Published Sep 15, 2021· Updated Aug 3, 2024

Inefficient Regular Expression Complexity in sindresorhus/semver-regex

CVE-2021-3795

Description

semver-regex is vulnerable to Inefficient Regular Expression Complexity

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
semver-regexnpm	< 3.1.3	3.1.3
semver-regexnpm	>= 4.0.0, < 4.0.1	4.0.1

Affected products

10

osv-coords9 versions
pkg:apk/chainguard/pgadmin4 pkg:apk/chainguard/pgadmin4-oci-entrypoint pkg:apk/chainguard/pgadmin4-pg12 pkg:apk/chainguard/pgadmin4-pg13 pkg:apk/chainguard/pgadmin4-pg14 pkg:apk/chainguard/pgadmin4-pg15 pkg:apk/chainguard/pgadmin4-pg16 pkg:apk/chainguard/pgadmin4-pg17 pkg:npm/semver-regex
< 9.1-r1+ 8 more
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 9.1-r1
- (no CPE)range: < 3.1.3
sindresorhus/sindresorhus/semver-regexv5
Range: unspecified

Patches

Vulnerability mechanics

References

4

github.com/advisories/GHSA-44c6-4v22-4mhxghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2021-3795ghsaADVISORY
github.com/sindresorhus/semver-regex/commit/11c66245f4e1976dccc52977ed183696a21a3fd7ghsax_refsource_MISCWEB
huntr.dev/bounties/006624e3-35ac-448f-aab9-7b5183f30e28ghsax_refsource_CONFIRMWEB

News mentions

0

No linked articles in our index yet.