Bring Sonatype intelligence to your IDE and AI workflows with the Sonatype MCP server.
Discover, assess, and secure your open source components with confidence.
From selecting the best versions to identifying vulnerabilities, ensuring license compliance, and receiving real-time remediation guidance,
everything you need to build safer software, faster. Get setup now

Vulnerability

CVE-2021-43306

Report advisory or correction

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-1333

References

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43306

[CVE-2021-43306] CWE-1333

Description

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method

See jQuery.Validation package information