VulnerableCode Package Details - pkg:npm/semver@4.3.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/semver@4.3.2

Essentials
History (3)

purl	pkg:npm/semver@4.3.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-1595-63k8-g3db	Regular Expression Denial of Service semver is vulnerable to regular expression denial of service when extremely long version strings are parsed.	GMS-2015-9
VCID-uq38-fq6t-u3gs	Regular Expression Denial of Service in semver Versions 4.3.1 and earlier of `semver` are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed.	CVE-2015-8855 GHSA-x6fg-f45m-jf5q

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T00:49:54.555389+00:00	GHSA Importer	Fixing	VCID-uq38-fq6t-u3gs	https://github.com/advisories/GHSA-x6fg-f45m-jf5q	38.6.0
2026-05-30T20:53:12.039528+00:00	GitLab Importer	Fixing	VCID-uq38-fq6t-u3gs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/semver/CVE-2015-8855.yml	38.6.0
2026-05-30T20:52:14.374482+00:00	GitLab Importer	Fixing	VCID-1595-63k8-g3db	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/semver/GMS-2015-9.yml	38.6.0