[GH-ISSUE #977] Getting Semver Vercaode vulnarability #6593

Closed
opened 2026-06-17 05:27:08 -05:00 by GiteaMirror · 1 comment
Owner

Originally created by @SanthoshReddyTR on GitHub (Oct 11, 2023).
Original GitHub issue: https://github.com/semver/semver/issues/977

Hi Team,
In our project we are getting semver vulnerability when we are updating semver 6.3.1/7.5.2/7.5.4 through,still it is picking 7.3.5 version in veracode scan.
Please find the below details
Angular CLI version 13.2.3
Angular core 13.2.2
Node 14.15.0
After updating node to 14.17.3 also same scan issue.

Please find the below screen shots and guide me on this semver vulnerability.
image
image

Originally created by @SanthoshReddyTR on GitHub (Oct 11, 2023). Original GitHub issue: https://github.com/semver/semver/issues/977 Hi Team, In our project we are getting semver vulnerability when we are updating semver 6.3.1/7.5.2/7.5.4 through,still it is picking 7.3.5 version in veracode scan. Please find the below details Angular CLI version 13.2.3 Angular core 13.2.2 Node 14.15.0 After updating node to 14.17.3 also same scan issue. Please find the below screen shots and guide me on this semver vulnerability. ![image](https://github.com/semver/semver/assets/102598539/c1b0f610-a844-4210-8c28-a7adf00e1ab5) ![image](https://github.com/semver/semver/assets/102598539/b0412256-04ba-471a-b145-a0b483efacf9)
Author
Owner

@ljharb commented on GitHub (Oct 11, 2023):

I think you meant to file this on node-semver, not this repo.

<!-- gh-comment-id:1756549185 --> @ljharb commented on GitHub (Oct 11, 2023): I think you meant to file this on node-semver, not this repo.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/semver#6593