CVE-2021-43307 Information

Description

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package when an attacker is able to supply arbitrary input to the test() method

Reference

https://research.jfrog.com/vulnerabilities/semver-regex-redos-xray-211349/