Lucene search
Veracode Vulnerability DatabaseVERACODE:32126HistorySep 16, 2021 - 4:00 a.m.
Regular Expression Denial Of Service (ReDoS)
2021-09-1604:00:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
45.8%
semver-regex is vulnerable to regular expression denial of service. An attacker is able to crash the application by submitting a malicious string to the function semverRegex.
| CPE | Name | Operator | Version |
|---|---|---|---|
| semver-regex | le | 4.0.0 | |
| semver-regex | le | 4.0.0 | |
| semver-regex | eq | 1.0.0 | |
| semver-regex | le | 4.0.0 | |
| semver-regex | le | 4.0.0 | |
| semver-regex | eq | 1.0.0 |
Related
cve
cve
CVE-2021-3795
2021-09-15 17:15:10
redhatcve
redhatcve
CVE-2021-3795
2021-09-20 17:46:53
osv
osv
semver-regex Regular Expression Denial of Service (ReDOS)
2021-09-20 20:42:25
CVE-2021-3795
2021-09-15 17:15:10
prion
prion
Design/Logic Flaw
2021-09-15 17:15:00
huntr
huntr
Inefficient Regular Expression Complexity in sindresorhus/semver-regex
2021-09-10 12:09:00
nvd
nvd
CVE-2021-3795
2021-09-15 17:15:10
github
github
semver-regex Regular Expression Denial of Service (ReDOS)
2021-09-20 20:42:25
cvelist
cvelist
