Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/jQuery.Validation@1.19.1

Type nuget

Namespace

Name jQuery.Validation

Version 1.19.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.19.4

Latest_non_vulnerable_version 1.19.4

Affected_by_vulnerabilities

url VCID-a286-32jj-eubk

vulnerability_id VCID-a286-32jj-eubk

summary

Regular Expression Denial of Service in jquery-validation
The GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation.

The project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service)

This issue was discovered and reported by GitHub team member @erik-krogh (Erik Krogh Kristensen).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21252.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-21252

reference_id

reference_type

scores

value	0.007
scoring_system	epss
scoring_elements	0.72032
published_at	2026-04-21T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.72047
published_at	2026-04-18T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.72039
published_at	2026-04-16T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.71951
published_at	2026-04-01T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.72014
published_at	2026-04-12T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.7203
published_at	2026-04-11T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.72006
published_at	2026-04-09T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.71993
published_at	2026-04-08T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.71955
published_at	2026-04-07T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.71979
published_at	2026-04-04T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.71959
published_at	2026-04-02T12:55:00Z

value	0.007
scoring_system	epss
scoring_elements	0.71998
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-21252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21252

reference_url

https://github.com/jquery-validation/jquery-validation

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation

reference_url

https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation/commit/5d8f29eef363d043a8fec4eb86d42cadb5fa5f7d

reference_url

https://github.com/jquery-validation/jquery-validation/pull/2371

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation/pull/2371

reference_url

https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm

reference_url

https://jqueryvalidation.org/#installation-via-package-managers

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jqueryvalidation.org/#installation-via-package-managers

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-21252

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-21252

reference_url

https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation

reference_url	https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/
reference_id
reference_type
scores
url	https://securitylab.github.com/advisories/GHSL-2020-294-redos-jquery-validation/

reference_url

https://security.netapp.com/advisory/ntap-20210219-0005

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210219-0005

reference_url	https://security.netapp.com/advisory/ntap-20210219-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210219-0005/

reference_url

https://www.npmjs.com/package/jquery-validation

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/package/jquery-validation

reference_url

https://www.nuget.org/packages/jquery.validation

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.nuget.org/packages/jquery.validation

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2096941
reference_id	2096941
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2096941

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891
reference_id	980891
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980891

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892
reference_id	980892
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980892

reference_url

https://github.com/advisories/GHSA-jxwx-85vp-gvwm

reference_id

GHSA-jxwx-85vp-gvwm

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jxwx-85vp-gvwm

fixed_packages

url pkg:nuget/jQuery.Validation@1.19.3

purl pkg:nuget/jQuery.Validation@1.19.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-apr7-9vue-3uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/jQuery.Validation@1.19.3

aliases CVE-2021-21252, GHSA-jxwx-85vp-gvwm

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a286-32jj-eubk

url VCID-apr7-9vue-3uhr

vulnerability_id VCID-apr7-9vue-3uhr

summary

Regular expression denial of service in jquery-validation
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43306

reference_id

reference_type

scores

value	0.00829
scoring_system	epss
scoring_elements	0.74553
published_at	2026-04-21T12:55:00Z

value	0.00829
scoring_system	epss
scoring_elements	0.7456
published_at	2026-04-18T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74749
published_at	2026-04-04T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74722
published_at	2026-04-07T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74755
published_at	2026-04-08T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74769
published_at	2026-04-09T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74793
published_at	2026-04-11T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74772
published_at	2026-04-12T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74763
published_at	2026-04-13T12:55:00Z

value	0.00844
scoring_system	epss
scoring_elements	0.74719
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43306

reference_url

https://github.com/jquery-validation/jquery-validation

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation

reference_url

https://github.com/jquery-validation/jquery-validation/commit/69cb17ed774b427f7e2ffcdf197968231725c30e

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation/commit/69cb17ed774b427f7e2ffcdf197968231725c30e

reference_url

https://github.com/jquery-validation/jquery-validation/pull/2428

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/jquery-validation/jquery-validation/pull/2428

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-43306

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-43306

reference_url

https://research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348

reference_url	https://research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348/
reference_id
reference_type
scores
url	https://research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348/

reference_url

https://github.com/advisories/GHSA-j9m2-h2pv-wvph

reference_id

GHSA-j9m2-h2pv-wvph

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j9m2-h2pv-wvph

fixed_packages

url	pkg:nuget/jQuery.Validation@1.19.4
purl	pkg:nuget/jQuery.Validation@1.19.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/jQuery.Validation@1.19.4

aliases CVE-2021-43306, GHSA-j9m2-h2pv-wvph

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apr7-9vue-3uhr

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/jQuery.Validation@1.19.1

Package Instance