Vulnerability Details CVE-2021-43306
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.1%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 5.0
References
Products affected by CVE-2021-43306
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.10.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.11.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.11.1
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.12.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.13.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.13.1
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.14.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.15.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.15.1
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.16.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.17.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.18.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.19.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.19.1
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.19.2
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.19.3
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.6.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.7.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.8.0
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.8.1
-
cpe:2.3:a:jqueryvalidation:jquery_validation:1.9.0