Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Semver-regex Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3795 1 Semver-regex Project 1 Semver-regex 2022-07-29 5.0 MEDIUM 7.5 HIGH
semver-regex is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-43307 1 Semver-regex Project 1 Semver-regex 2022-06-09 5.0 MEDIUM 7.5 HIGH
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method