Lucene search

Semver Security Vulnerabilities

cve

CVE-2022-25883

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a...

7.5CVSS

6.5AI Score

0.001EPSS

2023-06-21 05:15 AM

281

cve

CVE-2022-25853

All versions of the package semver-tags are vulnerable to Command Injection via the getGitTagsRemote function due to improper input...

7.8CVSS

7.8AI Score

0.0004EPSS

2023-02-06 05:15 AM

cve

CVE-2021-43307

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test()...

7.5CVSS

7.6AI Score

0.001EPSS

2022-06-02 02:15 PM

cve

CVE-2021-3795

semver-regex is vulnerable to Inefficient Regular Expression...

7.5CVSS

7.4AI Score

0.001EPSS

2021-09-15 05:15 PM