Security
Headlines

Headlines Latest CVEs

Headline

CVE-2022-31147: Merge pull request from GHSA-ffmh-x56j-9rc3 · jquery-validation/jquery-validation@5bbd80d

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch.

2 years ago

@@ -123,9 +123,9 @@ QUnit.test( "url2 (tld optional)", function( assert ) {

assert.ok( method( “http://www.føtex.dk/” ), “Valid url, danish unicode characters” );

assert.ok( method( “http://bösendorfer.de/” ), “Valid url, german unicode characters” );

assert.ok( method( “http://142.42.1.1” ), “Valid IP Address” );

assert.ok( method( “http://bassistance” ), "Valid URL (optional TLD)" );

assert.ok( method( “http://bassistance.” ), "Valid URL (optional TLD)" );

assert.ok( !method( “http://192.168.8.” ), “Invalid IP Address” );

assert.ok( method( “http://bassistance” ), “Invalid url” );

assert.ok( method( “http://bassistance.” ), “Invalid url” );

assert.ok( !method( “http://bassistance,de” ), “Invalid url” );

assert.ok( !method( “http://bassistance;de” ), “Invalid url” );

assert.ok( !method( “http://.bassistancede” ), “Invalid url” );

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

12 months ago

12 months ago

12 months ago

12 months ago

12 months ago