CVE-2021-3795

semver-regex Regular Expression Denial of Service (ReDOS)

Description

npm semver-regex is vulnerable to Inefficient Regular Expression Complexity

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

7.5

Severity

High

Ecosystem

JavaScript

Publish Date

September 20, 2021

Modified Date

February 3, 2026

Score Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Versions