Skip to content

semver - Vulnerability CVE-2022-25883 #87

Open
Open
semver - Vulnerability CVE-2022-25883#87
@KEGustafsson

Description

@KEGustafsson
KEGustafsson
opened on Sep 20, 2025

Package: semver
Installed Version: 5.4.1
Vulnerability CVE-2022-25883
Severity: HIGH
Fixed Version: 7.5.2, 6.3.1, 5.7.2
Link: CVE-2022-25883

Can you update semver to 5.7.2, which have fixed vulnerability?
To my understanding there is no breaking changes between 5.4.1 and 5.7.2.
I can make a PR if any help?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions