26 matches found
ROOT-APP-NPM-CVE-2021-3795 CVE-2021-3795 in @rootio/semver-regex - Patched by Root
Root has patched CVE-2021-3795 in the @rootio/semver-regex package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2021-43307 CVE-2021-43307 in @rootio/semver-regex - Patched by Root
Root has patched CVE-2021-43307 in the @rootio/semver-regex package for Root:npm. Multiple fixed versions available...
EUVD-2021-1966
Malware in sbrugna...
EUVD-2022-5926
Malicious code in bioql PyPI...
npm semver-regex denial of service vulnerability
npm semver-regex is a regular expression used to match semver versions. semver-regex versions prior to 3.1.4 and versions 4.0.0 inclusive through 4.0.2 have a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited to cause a denial of...
Regular Expression Denial Of Service (ReDoS)
semver-regex is vulnerable to regular expression denial of service. The vulnerability exists in the semverRegex function in index.js due to improper use of regular expressions, which allows an attacker to cause a ReDoS...
GHSA-4X5V-GMQ8-25CH Regular expression denial of service in semver-regex
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
08cms (=1.0.0), 1-test-gulp-1 (>=0.0.1 <=0.0.4) +6879 more potentially affected by CVE-2021-43307 via semver-regex (>=0.1.1 <=3.1.3)
semver-regex NPM version =0.1.1, =0.0.1, =1.0.0, =3.1.4, =1.0.3, =1.0.0, =3.1.6, =0.0.1, =1.0.0, =1.0.0, =1.1.2 - 3vot-clay =2.0.1 - 433bf =0.0.1 and more Source cves: CVE-2021-43307 Source advisory: OSV:GHSA-4X5V-GMQ8-25CH...
Regular expression denial of service in semver-regex
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
CVE-2021-43307
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
CVE-2021-43307
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
Input validation
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
semver-regex security vulnerability
npm semver-regex is a regular expression used to match semver versions. semver-regex versions prior to 3.1.4 and versions 4.0.0 inclusive through 4.0.2 have a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited to cause a denial of...
CVE-2021-43307 Exponential ReDoS in semver-regex
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test method...
CVE-2021-43307
CVE-2021-43307 is a Denial of Service vulnerability in the semver-regex npm package that can be triggered by arbitrary input to the test() method, causing an exponential ReDoS. Public sources (CNVD-2022-76985) indicate DoS affects semver-regex versions prior to 3.1.4 and 4.0.0–4.0.2; patch versio...
PT-2022-11819 · Npm · Semver-Regex
Name of the Vulnerable Software and Affected Versions: semver-regex affected versions not specified Description: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package when an attacker supplies arbitrary input to the test method. Recommendations...
08cms (=1.0.0), 1-test-gulp-1 (>=0.0.1 <=0.0.4) +6878 more potentially affected by CVE-2021-3795 via semver-regex (>=0.1.1 <=3.1.2)
semver-regex NPM version =0.1.1, =0.0.1, =1.0.0, =3.1.4, =1.0.3, =1.0.0, =3.1.6, =0.0.1, =1.0.0, =1.0.0, =1.1.2 - 3vot-clay =2.0.1 - 433bf =0.0.1 and more Source cves: CVE-2021-3795 Source advisory: OSV:GHSA-44C6-4V22-4MHX...
CVE-2021-3795
A flaw was found in the semver-regex library where it could consume a large amount of resources when executing specific strings. Attackers could take advantage of this by crafting an invalid version, causing a disruption or a denial of service (DoS)...
Regular Expression Denial Of Service (ReDoS)
semver-regex is vulnerable to regular expression denial of service. An attacker is able to crash the application by submitting a malicious string to the function semverRegex...
CVE-2021-3795
semver-regex is vulnerable to Inefficient Regular Expression Complexity...