
84 matches found

UbuntuCve
added 2022/07/14 8:15 p.m. · 53 views

CVE-2022-31147

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

CVSS 7.5 · AI score 7.2 · EPSS 0.01562
Exploits: 1 · References: 1

Prion
added 2022/07/14 8:15 p.m. · 42 views

Input validation

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

CVSS 5 · AI score 7.5 · EPSS 0.01562
Exploits: 2 · References: 3 · Affected Software: 1

Cvelist
added 2022/07/14 7:30 p.m. · 42 views

CVE-2022-31147 jquery-validation ReDoS in url2 due to incomplete fix of CVE-2021-43306

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

CVSS 7.5 · AI score 7.8 · EPSS 0.01562
Exploits: 1 · References: 3

Vulnrichment
added 2022/07/14 7:30 p.m. · 9 views

CVE-2022-31147 jquery-validation ReDoS in url2 due to incomplete fix of CVE-2021-43306

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

CVSS 7.5 · AI score 6.9 · EPSS 0.01562
Exploits: 1 · References: 3

CVE
added 2022/07/14 7:30 p.m. · 198 views

CVE-2022-31147

The vulnerability CVE-2022-31147 affects the jquery-validation plugin (npm/package jquery-validation). Versions prior to 1.19.5 are vulnerable to a Regular Expression Denial of Service (ReDoS) in the url2 method, due to an incomplete fix for CVE-2021-43306. Impact is a potential DoS; no exploit d...

CVSS 7.5 · AI score 6.5 · EPSS 0.01562
Exploits: 1 · References: 3 · Affected Software: 1

Debian CVE
added 2022/07/14 7:30 p.m. · 11 views

CVE-2022-31147

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

CVSS 7.5 · AI score 7.7 · EPSS 0.01562
Exploits: 1

CNNVD
added 2022/07/14 12:0 a.m. · 10 views

jquery-validation security vulnerability

npm jquery-validation is npm's way of providing plug-in validation for your existing forms while making it easy to customize them to fit your application. A security vulnerability exists in jquery-validation versions prior to 1.19.5, which stems from a ReDoS that can be triggered in the...

CVSS 7.5 · AI score 7.6 · EPSS 0.01562
Exploits: 1 · References: 6

OSV
added 2022/07/05 10:56 p.m. · 28 views

GHSA-FFMH-X56J-9RC3 jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method

Summary: Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

CVSS 7.5 · AI score 7.4 · EPSS 0.01562
Exploits: 1 · References: 5

Github Security Blog
added 2022/07/05 10:56 p.m. · 235 views

jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method

Summary: Incomplete fix of CVE-2021-43306: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

CVSS 7.5 · AI score 7.3 · EPSS 0.01562
Exploits: 2 · References: 5 · Affected Software: 1

vulnersOsv
added 2022/07/05 10:56 p.m. · 4 views

@dmrvos/infrajs (>=0.0.4 <=0.0.8), @marjose/jstoolkit (>=0.0.2 <=1.0.0-beta) +10 more potentially affected by CVE-2022-31147 via jquery-validation (>=1.14.0 <=1.19.1)

jquery-validation NPM version =1.14.0, =0.0.4, =0.0.2, =0.2.2, =3.0.0, =0.11.28, =0.0.8, =1.4.0, =1.0.0, =3.0.0-prerelease.20170216T120000Z, =1.0.0, =1.0.6 - webpack-symfony-builder =1.0.0 Source cves: CVE-2022-31147 Source advisory: OSV:GHSA-FFMH-X56J-9RC3...

CVSS 7.5 · AI score 7.1 · EPSS 0.01562
Exploits: 1

Positive Technologies
added 2022/07/01 12:0 a.m. · 3 views

PT-2022-7237 · Unknown · Jquery-Validation

Name of the Vulnerable Software and Affected Versions: jquery-validation versions prior to 1.19.5 Description: The issue is related to the incorrect handling of regular expressions in the url2 method of the jQuery Validation Plugin, which can lead to a denial of service when an attacker supplies...

CVSS 7.8 · AI score 7.4 · EPSS 0.01562
Exploits: 1 · References: 15

Patchstack
added 2022/06/27 12:0 a.m. · 28 views

WordPress Jquery Validation For Contact Form 7 plugin <= 5.2 - Arbitrary Options Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Options Update via Cross-Site Request Forgery (CSRF) vulnerability discovered by Gibran Abdillah in WordPress Jquery Validation For Contact Form 7 plugin (versions <= 5.2). Solution: Update the WordPress Jquery Validation For Contact Form 7 plugin to the latest available version (at least 5.3)...

CVSS 4.3 · AI score 4.5 · EPSS 0.00368
Exploits: 2 · References: 1 · Affected Software: 1

wpexploit
added 2022/06/27 12:0 a.m. · 247 views

Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack...

CVSS 4.3 · AI score 1.6 · EPSS 0.00368
Exploits: 2

CNVD
added 2022/06/09 12:0 a.m. · 20 views

npm jquery-validation denial-of-service vulnerability

npm jquery-validation is a form insertion validation application provided by npm, Inc. npm jquery-validation version 1.19.3 contains a denial of service vulnerability, which stems from the fact that an attacker who is able to provide arbitrary input to the url2 method can trigger a denial of...

CVSS 5 · AI score 5.5 · EPSS 0.01327
Exploits: 1 · Affected Software: 1

Veracode
added 2022/06/03 11:40 a.m. · 260 views

Regular Expression Denial Of Service (ReDoS)

jquery-validation is vulnerable to regular expression denial of service. The vulnerability exists in addMethod in url2.js due to insufficient regular expression complexity which allows an attacker to cause a ReDoS...

CVSS 7.5 · AI score 4.8 · EPSS 0.01327
Exploits: 1 · References: 4 · Affected Software: 1

vulnersOsv
added 2022/06/03 12:0 a.m. · 6 views

@dmrvos/infrajs (>=0.0.4 <=0.0.8), @marjose/jstoolkit (>=0.0.2 <=1.0.0-beta) +10 more potentially affected by CVE-2021-43306 via jquery-validation (>=1.14.0 <=1.19.1)

jquery-validation NPM version =1.14.0, =0.0.4, =0.0.2, =0.2.2, =3.0.0, =0.11.28, =0.0.8, =1.4.0, =1.0.0, =3.0.0-prerelease.20170216T120000Z, =1.0.0, =1.0.6 - webpack-symfony-builder =1.0.0 Source cves: CVE-2021-43306 Source advisory: OSV:GHSA-J9M2-H2PV-WVPH...

CVSS 7.5 · AI score 7.1 · EPSS 0.01327
Exploits: 1

Github Security Blog
added 2022/06/03 12:0 a.m. · 124 views

Regular expression denial of service in jquery-validation

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

CVSS 7.5 · AI score 4.5 · EPSS 0.01327
Exploits: 1 · References: 5 · Affected Software: 1

OSV
added 2022/06/03 12:0 a.m. · 1 views

GHSA-J9M2-H2PV-WVPH Regular expression denial of service in jquery-validation

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

CVSS 7.5 · AI score 7.3 · EPSS 0.01327
Exploits: 1 · References: 5

NVD
added 2022/06/02 2:15 p.m. · 21 views

CVE-2021-43306

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

CVSS 7.5 · EPSS 0.01327
Exploits: 1 · References: 1

OSV
added 2022/06/02 2:15 p.m. · 12 views

CVE-2021-43306

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

CVSS 7.5 · AI score 7.5
Exploits: 0 · References: 1