semver-regex is vulnerable to Inefficient Regular Expression Complexity. Reference: https://huntr.dev/bounties/006624e3-35ac-448f-aab9-7b5183f30e28 Upstream patch: https://github.com/sindresorhus/semver-regex/commit/11c66245f4e1976dccc52977ed183696a21a3fd7
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.2 for RHEL 8 Red Hat Advanced Cluster Management for Kubernetes 2.2 for RHEL 7 Via RHSA-2021:5038 https://access.redhat.com/errata/RHSA-2021:5038
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3795