Releases119
Frequency1 month 2 weeks
Last Release
The semantic version parser used by npm.
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 5.7.2, >= 6.0.0, < 6.3.1, = *, >= 7.0.0, < 7.5.3 | 5.3 MEDIUM | — | ||
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. | ||||