EPSS
Percentile
64.5%
Versions 4.3.1 and earlier of semver are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed.
semver
Update to version 4.3.2 or later
www.openwall.com/lists/oss-security/2016/04/20/11
www.securityfocus.com/bid/86957
github.com/advisories/GHSA-x6fg-f45m-jf5q
nvd.nist.gov/vuln/detail/CVE-2015-8855
www.npmjs.com/advisories/31
www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS