Your submission was sent successfully! Close

CVE-2021-21252

Published: 13 January 2021

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
civicrm
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needed

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needed)
otrs2
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needed

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needed)
phpmyadmin
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

groovy Ignored
(reached end-of-life)
hirsute Not vulnerable
(4:5.0.4+dfsg2-2)
impish Not vulnerable
(4:5.0.4+dfsg2-2)
jammy Not vulnerable
(4:5.0.4+dfsg2-2)
precise Does not exist

trusty Needed

upstream
Released (4:5.0.4+dfsg2-2)
xenial Ignored
(end of standard support, was needed)
Patches:
upstream: https://github.com/phpmyadmin/phpmyadmin/commit/401eedd288c4e83d69287b97a9f574f231156171