Search for packages
| purl | pkg:npm/jquery-validation@1.15.0-pre |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-a286-32jj-eubk
Aliases: CVE-2021-21252 GHSA-jxwx-85vp-gvwm |
Regular Expression Denial of Service in jquery-validation The GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation. The project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service) This issue was discovered and reported by GitHub team member @erik-krogh (Erik Krogh Kristensen). |
Affected by 3 other vulnerabilities. |
|
VCID-apr7-9vue-3uhr
Aliases: CVE-2021-43306 GHSA-j9m2-h2pv-wvph |
Regular expression denial of service in jquery-validation An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method |
Affected by 2 other vulnerabilities. |
|
VCID-dgq1-519m-6ubb
Aliases: CVE-2022-31147 GHSA-ffmh-x56j-9rc3 GMS-2022-2867 |
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method Summary Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method. |
Affected by 1 other vulnerability. |
|
VCID-zd8d-c1nk-g7a4
Aliases: CVE-2025-3573 GHSA-rrj2-ph5q-jxw2 |
jquery-validation vulnerable to Cross-site Scripting Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||