npm semver-regex is a regular expression used to match semver versions. semver-regex versions prior to 3.1.4 and versions 4.0.0 (inclusive) through 4.0.2 have a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited to cause a denial of service of the application.