The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.
References
| Link | Resource |
|---|---|
| https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d | Patch Third Party Advisory |
| https://github.com/jquery-validation/jquery-validation/pull/2371 | Patch Third Party Advisory |
| https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm | Third Party Advisory |
| https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html | |
| https://security.netapp.com/advisory/ntap-20210219-0005/ | Third Party Advisory |
| https://www.npmjs.com/package/jquery-validation | Product Third Party Advisory |
Configurations
History
31 Aug 2023, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Information
Published : 2021-01-13 19:15
Updated : 2024-02-28 18:08
NVD link : CVE-2021-21252
Mitre link : CVE-2021-21252
CVE.ORG link : CVE-2021-21252
JSON object : View
Products Affected
netapp
- snapcenter
jqueryvalidation
- jquery_validation
CWE
CWE-400
Uncontrolled Resource Consumption