Vulnerabilities (CVE)

Filtered by vendor Semver-regex Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43307 1 Semver-regex Project 1 Semver-regex 2024-11-21 5.0 MEDIUM 5.9 MEDIUM
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method
CVE-2021-3795 1 Semver-regex Project 1 Semver-regex 2024-11-21 5.0 MEDIUM 7.5 HIGH
semver-regex is vulnerable to Inefficient Regular Expression Complexity