
2424 matches found

OSV
added 2022/07/05 10:56 p.m. | 28 views

GHSA-FFMH-X56J-9RC3 jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method

Summary: Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

7.5 CVSS | 7.4 AI score | 0.0031 EPSS
Exploits: 1 | References: 5
Github Security Blog
added 2022/07/05 10:56 p.m. | 232 views

jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method

Summary: Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

7.5 CVSS | 7.3 AI score | 0.01057 EPSS
Exploits: 2 | References: 5 | Affected Software: 1
vulnersOsv
added 2022/07/05 10:56 p.m. | 1 views

@dmrvos/infrajs (>=0.0.4 <=0.0.8), @marjose/jstoolkit (>=0.0.2 <=1.0.0-beta) +10 more potentially affected by CVE-2022-31147 via jquery-validation (>=1.14.0 <=1.19.1)

jquery-validation NPM version =1.14.0, =0.0.4, =0.0.2, =0.2.2, =3.0.0, =0.11.28, =0.0.8, =1.4.0, =1.0.0, =3.0.0-prerelease.20170216T120000Z, =1.0.0, =1.0.6 - webpack-symfony-builder =1.0.0 Source cves: CVE-2022-31147 Source advisory: OSV:GHSA-FFMH-X56J-9RC3...

7.5 CVSS | 7.1 AI score | 0.0031 EPSS
Exploits: 1
Positive Technologies
added 2022/07/01 12:0 a.m. | 2 views

PT-2022-7237 · Unknown · Jquery-Validation

Name of the Vulnerable Software and Affected Versions: jquery-validation versions prior to 1.19.5 Description: The issue is related to the incorrect handling of regular expressions in the url2 method of the jQuery Validation Plugin, which can lead to a denial of service when an attacker supplies...

7.8 CVSS | 7.4 AI score | 0.0031 EPSS
Exploits: 1 | References: 15
Oracle linux
added 2022/06/30 12:0 a.m. | 38 views

pcs security update

0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles in colocation constraint - Resolves: rhbz2048640 0.11.1-9 - Fixed cluster destroy in web ui - Fixed covscan issue in web ui - Resolves:...

7.5 CVSS | 7.9 AI score | 0.00601 EPSS
Exploits: 0
Patchstack
added 2022/06/27 12:0 a.m. | 27 views

WordPress Jquery Validation For Contact Form 7 plugin <= 5.2 - Arbitrary Options Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Options Update via Cross-Site Request Forgery (CSRF) vulnerability discovered by Gibran Abdillah in WordPress Jquery Validation For Contact Form 7 plugin versions <= 5.2. Solution: Update the WordPress Jquery Validation For Contact Form 7 plugin to the latest available version (at least 5.3)...

4.3 CVSS | 4.5 AI score | 0.00103 EPSS
Exploits: 2 | References: 1 | Affected Software: 1
WPVulnDB
added 2022/06/27 12:0 a.m. | 19 views

Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like defaultrole, userscanregister via a CSRF attack PoC...

4.3 CVSS | 4.8 AI score | 0.00103 EPSS
Exploits: 2 | Affected Software: 1
wpexploit
added 2022/06/27 12:0 a.m. | 240 views

Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like defaultrole, userscanregister via a CSRF attack...

4.3 CVSS | 1.6 AI score | 0.00103 EPSS
Exploits: 2
IBM Security Bulletins
added 2022/06/22 3:20 p.m. | 314 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

Summary: Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP5. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.2. The following 3rd party components are used by IBM Cognos Analytics: Apache Axis is a Java based Web Services engine f...

10 CVSS | 0.6 AI score | 0.62015 EPSS
Exploits: 37 | Affected Software: 1
OSSF Malicious Packages
added 2022/06/20 9:13 p.m. | 3 views

Malicious code in wm-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bec0290c986c17e81178198c358d612fb49b72f2059784595fd25dad35d719b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 1
OSV
added 2022/06/20 9:13 p.m. | 5 views

MAL-2022-7195 Malicious code in wm-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bec0290c986c17e81178198c358d612fb49b72f2059784595fd25dad35d719b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2022/06/20 9:13 p.m. | 3 views

Malicious code in wm-jquery-shadow-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4cce2934c0da39a0931ddef4e3d88c8f5afb631e708767cf3b4e98ec4dff7464 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 1
OSV
added 2022/06/20 9:13 p.m. | 5 views

MAL-2022-7196 Malicious code in wm-jquery-shadow-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4cce2934c0da39a0931ddef4e3d88c8f5afb631e708767cf3b4e98ec4dff7464 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 | References: 1
OSV
added 2022/06/20 8:13 p.m. | 7 views

MAL-2022-4051 Malicious code in jquery-querybuilder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57bfd8522bd1fa5221cea1ce468e61ef81bfcdcb45d394c11ad4adf9c05c270e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2022/06/20 8:13 p.m. | 3 views

Malicious code in jquery-querybuilder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57bfd8522bd1fa5221cea1ce468e61ef81bfcdcb45d394c11ad4adf9c05c270e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 1
OSV
added 2022/06/20 8:13 p.m. | 11 views

MAL-2022-4050 Malicious code in jquery-lh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d50689d87596c591d0c3b5868d3e2d376462fc24259cf3e4119424aa4842b0bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2022/06/20 8:13 p.m. | 4 views

Malicious code in jquery-lh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d50689d87596c591d0c3b5868d3e2d376462fc24259cf3e4119424aa4842b0bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 1
IBM Security Bulletins
added 2022/06/20 1:10 p.m. | 57 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for May 2022

Summary: In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF011 and 21.0.3-IF009. Vulnerability Details: CVEID: CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote attacke...

9.8 CVSS | 1.2 AI score | 0.93462 EPSS
Exploits: 18 | Affected Software: 1
RedhatCVE
added 2022/06/14 3:29 p.m. | 29 views

CVE-2021-21252

A flaw was found in jQuery-validate. There is an issue where it contains one or more regular expressions vulnerable to a Regular Expression Denial of Service (ReDoS)...

7.5 CVSS | 3.7 AI score | 0.00667 EPSS
Exploits: 0 | References: 3
Ivanti
added 2022/06/10 5:57 a.m. | 8 views

MI Core - Vulnerability found security issue on jquery.

Last Modified Date 2024-Mar-12 16:32:15...

5.4 AI score
Exploits: 0