Package impact
npm / jquery-validation
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-3573 | unknown | — | — | 1y ago | Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This v… | |||
| CVE-2022-31147 | unknown | — | — | 4y ago | The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) wh… | |||
| CVE-2021-43306 | unknown | — | — | 4y ago | An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method | |||
| CVE-2021-21252 | unknown | — | — | 6y ago | Regular Expression Denial of Service in jquery-validation |