Semver-Regex Project: Security Vulnerabilities
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method
CVSS Score
5.9
EPSS Score
0.031
Published
2022-06-02
semver-regex is vulnerable to Inefficient Regular Expression Complexity
CVSS Score
7.5
EPSS Score
0.001
Published
2021-09-15