jquery-validation
npm4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting jquery-validationpage 1 of 1
- CVE-2021-21252MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.19.32021-01-13
The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable t…
- CVE-2021-43306MEDIUMCVSS 5.9EG 5.9✓ Fixed in 1.19.42022-06-02
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method
- CVE-2022-31147HIGHCVSS 7.5EG 7.5✓ Fixed in 1.19.52022-07-14
The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitra…
- CVE-2025-3573MEDIUMCVSS 6.1EG 6.1✓ Fixed in 1.20.02025-04-15
Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.valid…
Check whether jquery-validation is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for jquery-validation CVEs against the assets you own.
Start Free Scan →