Low severity · NVD Advisory · Published Jun 1, 2022 · Updated Sep 16, 2024
Exponential ReDoS in jquery-validation
CVE-2021-43306
Description
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package when an attacker is able to supply arbitrary input to the url2 method.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| jquery-validation (npm) | < 1.19.4 | 1.19.4 |
Affected products
- Range: unspecified
References
- github.com/advisories/GHSA-j9m2-h2pv-wvph (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2021-43306 (ghsa, ADVISORY)
- github.com/jquery-validation/jquery-validation/commit/69cb17ed774b427f7e2ffcdf197968231725c30e (ghsa, WEB)
- github.com/jquery-validation/jquery-validation/pull/2428 (ghsa, WEB)
- research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348 (ghsa, WEB)
- research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348/ (mitre, x_refsource_MISC)