
We found results for “”
WS-2022-0170
Good to know:


Date: July 6, 2022
Redos in jquery-validation before 1.19.5
Language: JS
Severity Score
Severity Score
Weakness Type (CWE)
Inefficient Regular Expression Complexity
CWE-1333Top Fix

Upgrade Version
Upgrade to version ns/ace-bundle - no_fix;ns/ace-bundle - 3.0.1;ns/ace-bundle - 5.0.25;ns/ace-bundle - 0.9.0;ns/ace-bundle - 5.0.54;ns/ace-bundle - 5.0.47;ns/ace-bundle - 5.0.49;ns/ace-bundle - 5.0.23;ns/ace-bundle - 5.0.30;ns/ace-bundle - 1.5.1;ns/ace-bundle - 3.1.0;ns/ace-bundle - 3.1.1;ns/ace-bundle - 5.0.27;ns/ace-bundle - 4.0.0;ns/ace-bundle - 4.0.1;ns/ace-bundle - 3.1.37;ns/ace-bundle - 2.0.1;laraflat/laraflat - no_fix;arwp/main-master - no_fix;skeeks/yii2-assets-unify-v2-min - 2.6.2.1;skeeks/yii2-assets-unify-v2-min - 2.6.2.34;skeeks/yii2-assets-unify-v2-min - 2.6.2.32;skeeks/yii2-assets-unify-v2-min - no_fix;skeeks/yii2-assets-unify-v2-min - 2.6.1;skeeks/yii2-assets-unify-v2-min - 2.6.2.4;skeeks/yii2-assets-unify-v2 - no_fix;skeeks/yii2-assets-unify-v2 - 2.6.0;dhayakawa/springintoaction - 1.0;dhayakawa/springintoaction - 2.1.14;dhayakawa/springintoaction - 2.1.17;dhayakawa/springintoaction - no_fix;touhedul/properos-commerce - no_fix;bpfw/bpfw - no_fix;smellems/wet4 - no_fix;YB.ABPCoreMPA4.1.Template - no_fix;Itsomax.AppHost - no_fix;lanos/yetiweb - no_fix;yangsuda/slimcms - 3.0.1;yangsuda/slimcms - 2.2.1.x-dev;yangsuda/slimcms - 2.1.0.x-dev;yangsuda/slimcms - 3.0.3.x-dev;jquery-validation - 1.19.5;jquery-validation - 1.19.5;calibrate/civicrm-libraries - v1.0;abs/helper-pkg - no_fix;Skoruba.IdentityServer4.Admin.Templates - 1.0.0-beta2;blackspot/laravel-starter - v2.1.2;blackspot/laravel-starter - v2.1.6;blackspot/laravel-starter - 2.x-dev;sonlabs/php-paypal - no_fix;hustshenl/yii2-metronic-lite - no_fix;hustshenl/yii2-metronic-lite - 0.1;yujin1st/unify2-theme - no_fix;hakoncms/hakoncms - no_fix;alirezab/admin-panel - 1.1;IIKI.BaseApp.Web - 1.0.1;virtualorz/laraadmin - no_fix;Dynamic.NET.Express.ProjectTemplates - no_fix;doitonlinemedia/admin - no_fix;Jquery.Validation.New - no_fix;khaled3afan/linkati - no_fix;chathurabuddi/jquery-validation - 1.6.0;bdelamatre/delamatre-zend - no_fix;happycoding/civicrm-core-for-drupal - no_fix;Dkbe.CaptivePortal.MockServer - no_fix;kewljuice/civicrm-libraries - no_fix;kmgi/common-bundle - no_fix;youwen/bauth - pureDemo;apex/apex - 1.2.16;apex/apex - 1.4.1;yangsuda/slimcms-public - no_fix;Dynamic.NET.AdminLTE.ProjectTemplates - 0.8.0;FenixAlliance.ABS.Portal.UI - 1.3.0;didijudo/dlite - no_fix;ymabrouk/pike_admin - no_fix;laradium/laradium - dev-htmlpreview;envrin/apex - 1.0.1;inalto/croogo-fusion - no_fix;happycoding/civicrm-library-for-drupal - no_fix;pantech/retailak-fashion - no_fix;org.webjars.bowergithub.jquery-validation:jquery-validation:1.17.0;org.webjars.bowergithub.jquery-validation:jquery-validation:1.19.5;org.webjars.bowergithub.jquery-validation:jquery-validation:1.19.1;org.webjars.bower:jquery-validation:1.17.0;org.webjars.bower:jquery-validation:1.19.1;org.webjars.bower:jquery-validation:1.14.0;org.webjars.bower:jquery-validation:1.19.5;org.webjars.bower:github-com-jquery-validation-jquery-validation:no_fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |