npm package
semver-regex
pkg:npm/semver-regex
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-43307 | — | < 3.1.4 | 3.1.4 | Jun 1, 2022 | An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method | ||
| CVE-2021-3795 | — | < 3.1.3 | 3.1.3 | Sep 15, 2021 | semver-regex is vulnerable to Inefficient Regular Expression Complexity |
- CVE-2021-43307Jun 1, 2022affected < 3.1.4fixed 3.1.4
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method
- CVE-2021-3795Sep 15, 2021affected < 3.1.3fixed 3.1.3
semver-regex is vulnerable to Inefficient Regular Expression Complexity