Lucene search
Adam BaldwinNODEJS:31HistoryOct 17, 2015 - 7:41 p.m.
Regular Expression Denial of Service
2015-10-1719:41:46
Adam Baldwin
www.npmjs.com
36
EPSS
0.002
Percentile
64.5%
Overview
Versions 4.3.1 and earlier of semver are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed.
Recommendation
Update to version 4.3.2 or later
References
Related
cvelist
cvelist
CVE-2015-8855
2017-01-23 21:00:00
cve
cve
CVE-2015-8855
2017-01-23 21:59:00
ubuntucve
ubuntucve
CVE-2015-8855
2017-01-23 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : semver vulnerability (USN-4776-1)
2023-10-23 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4776-1)
2023-01-27 00:00:00
ubuntu
ubuntu
semver vulnerability
2021-03-15 00:00:00
github
github
Regular Expression Denial of Service in semver
2017-10-24 18:33:36
debiancve
debiancve
CVE-2015-8855
2017-01-23 21:59:00
osv
osv
Regular Expression Denial of Service in semver
2017-10-24 18:33:36
node-semver vulnerability
2021-03-15 20:51:27
prion
prion
Design/Logic Flaw
2017-01-23 21:59:00
nvd
nvd
CVE-2015-8855
2017-01-23 21:59:00
ibm
ibm
f5
f5
K30110324 : Multiple Node.js vulnerabilities
2018-10-16 00:00:00