CVE-2021-21252

Severity CVSS v4.0:
Pending analysis
Type:
CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
13/01/2021
Last modified:
31/08/2023

Description

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:jqueryvalidation:jquery_validation:*:*:*:*:*:node.js:*:* 1.19.3 (excluding)
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*