CVE-2021-43306: jquery-validation ReDoS | XRAY-211348
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package when an attacker is able to supply arbitrary input to the url2 method.
CVE-2021-43306 | CVSS 5.9
JFrog Severity: medium
Published 30 May. 2022 | Last updated 30 May. 2022
Exponential ReDoS in jquery-validation leads to denial of service
jquery-validation
jquery-validation (,1.19.3], fixed in 1.19.4
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package when an attacker is able to supply arbitrary input to the url2 method.
'FTP://0.' + '3.3.'.repeat(10) + '\x00'
No mitigations are supplied for this issue
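Since the advisory lists no mitigation other than the fixed release, the practical check is whether any installed copy falls in the affected range (,1.19.3]. The following is an added example, not part of the advisory or of jquery-validation, that scans a parsed npm lockfile for such copies; the function names and the sample lockfile are assumptions constructed for illustration.

```javascript
// Added example (not from the advisory): flag jquery-validation <= 1.19.3
// (fixed in 1.19.4) in a parsed package-lock.json.
const PKG = 'jquery-validation';
const FIXED = [1, 19, 4]; // first fixed release, per the advisory

// True when `version` sorts before 1.19.4. Prereleases of 1.19.4 and
// unparseable versions (git URLs, tarballs) are flagged for manual review.
function isAffected(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$/.exec(String(version));
  if (!m) return true;
  for (let i = 0; i < 3; i++) {
    const n = Number(m[i + 1]);
    if (n !== FIXED[i]) return n < FIXED[i];
  }
  return Boolean(m[4]);
}

// Collect affected copies from both lockfile layouts: the v2/v3 "packages"
// map (keys are node_modules paths) and the v1 nested "dependencies" tree.
function findAffected(lock) {
  const hits = new Map(); // path -> version, de-duplicated across layouts
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const isPkg = path === `node_modules/${PKG}` || path.endsWith(`/node_modules/${PKG}`);
    if (isPkg && isAffected(meta.version)) hits.set(path, meta.version);
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${trail}node_modules/${name}`;
      if (name === PKG && isAffected(meta.version)) hits.set(path, meta.version);
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return [...hits].map(([path, version]) => ({ path, version }));
}

// Constructed sample lockfile, for illustration only.
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    'node_modules/jquery-validation': { version: '1.19.3' },
    'node_modules/legacy-form/node_modules/jquery-validation': { version: '1.17.0' },
    'node_modules/new-form/node_modules/jquery-validation': { version: '1.19.4' },
  },
  dependencies: {
    'legacy-form': { version: '2.0.0', dependencies: { [PKG]: { version: '1.17.0' } } },
  },
};
console.log(findAffected(sampleLock));
```

To run it against a real project, load the lockfile with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` and pass the result to `findAffected`.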
NVD