semver-regex (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package semver-regex, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2021-43307 — CVSS 5.9 (medium): An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to…