Skip to content

Add Socket patch for CVE-2022-25883 in pkg:npm/semver@5.4.1#1

Open
socket-security[bot] wants to merge 2 commits into
masterfrom
socket/autopatch-1778574490050-a24a02ee
Open

Add Socket patch for CVE-2022-25883 in pkg:npm/semver@5.4.1#1
socket-security[bot] wants to merge 2 commits into
masterfrom
socket/autopatch-1778574490050-a24a02ee

Conversation

@socket-security
Copy link
Copy Markdown

@socket-security socket-security Bot commented May 12, 2026

Summary

This PR updates Socket security patches for your dependencies.

Changes

  • Added: CVE-2022-25883 in pkg:npm/semver@5.4.1 (Socket Patch)
    • Severity: HIGH
    • Summary: semver vulnerable to Regular Expression Denial of Service

📦 Package.json Updates

This PR automatically configures your postinstall script to apply Socket patches:

  • Updated: 1 file
    • package.json

After merging, patches will automatically apply on npm install.

Testing

Review the patches and test your application to ensure compatibility.

🔒 Powered by Socket Security

socket-security Bot added 2 commits May 12, 2026 08:28
@socket-security
Add Socket patch for CVE-2022-25883 in pkg:npm/semver@5.4.1
ad6545c 
Updates:
- 1 blob(s) added
- 0 blob(s) removed
- Manifest updated
@socket-security
Setup Socket patches
f9d731f 
Configures package.json postinstall scripts to automatically apply Socket security patches.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants