diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
index 758f8d9d47f..899cd2e85aa 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
@@ -13,6 +13,7 @@
*/
package org.owasp.dependencycheck.utils;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
@@ -32,4 +33,15 @@ public void testSemver() {
Semver semver = new Semver("3.1.4");
assertTrue(semver.satisfies("^3.0.0-0"));
}
+ /**
+ * Test of semver4j. See https://github.com/jeremylong/DependencyCheck/issues/5158
+ */
+ @Test
+ public void testSemverComplex() {
+ Semver semver = new Semver("18.11.5");
+ assertFalse(semver.satisfies("^14.14.20 || ^16.0.0"));
+
+ semver = new Semver("14.15.0");
+ assertTrue(semver.satisfies("^14.14.20 || ^16.0.0"));
+ }
}
diff --git a/pom.xml b/pom.xml
index 1a07c51a7c9..b4cd8bd00c6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1069,7 +1069,7 @@ Copyright (c) 2012 - Jeremy Long
org.semver4j
semver4j
- 4.1.0
+ 4.1.1
org.jetbrains