VulnerableCode Package Details - pkg:npm/jquery-validation@1.19.5

Search for packages

Vulnerability	Summary	Fixed by
VCID-zd8d-c1nk-g7a4 Aliases: CVE-2025-3573 GHSA-rrj2-ph5q-jxw2	jquery-validation vulnerable to Cross-site Scripting Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.	1.20.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-zd8d-c1nk-g7a4
Aliases:
CVE-2025-3573
GHSA-rrj2-ph5q-jxw2

jquery-validation vulnerable to Cross-site Scripting Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.

1.20.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-dgq1-519m-6ubb	jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method Summary Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method.	CVE-2022-31147 GHSA-ffmh-x56j-9rc3 GMS-2022-2867

Vulnerability

Summary

Aliases

VCID-dgq1-519m-6ubb

jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method Summary Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method.

CVE-2022-31147
GHSA-ffmh-x56j-9rc3
GMS-2022-2867

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:26:41.887625+00:00	GitLab Importer	Affected by	VCID-zd8d-c1nk-g7a4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery-validation/CVE-2025-3573.yml	38.4.0
2026-04-16T22:05:12.990756+00:00	GitLab Importer	Fixing	VCID-dgq1-519m-6ubb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery-validation/GMS-2022-2867.yml	38.4.0
2026-04-12T00:46:08.623750+00:00	GitLab Importer	Affected by	VCID-zd8d-c1nk-g7a4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery-validation/CVE-2025-3573.yml	38.3.0
2026-04-11T23:21:09.900861+00:00	GitLab Importer	Fixing	VCID-dgq1-519m-6ubb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery-validation/GMS-2022-2867.yml	38.3.0
2026-04-03T21:27:17.825710+00:00	GitLab Importer	Fixing	VCID-dgq1-519m-6ubb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery-validation/GMS-2022-2867.yml	38.1.0
2026-04-03T00:54:06.868490+00:00	GitLab Importer	Affected by	VCID-zd8d-c1nk-g7a4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery-validation/CVE-2025-3573.yml	38.1.0
2026-04-01T16:02:46.443330+00:00	GHSA Importer	Fixing	VCID-dgq1-519m-6ubb	https://github.com/advisories/GHSA-ffmh-x56j-9rc3	38.0.0
2026-04-01T13:07:22.548396+00:00	GithubOSV Importer	Fixing	VCID-dgq1-519m-6ubb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-ffmh-x56j-9rc3/GHSA-ffmh-x56j-9rc3.json	38.0.0