CVE-2021-43306

Name: Websites susceptible to CVE-2021-43306
Creator: WebTechSurvey

CVE-2021-43306

Exponential ReDoS in jquery-validation

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method

We have discovered 177,374 live websites that are affected by CVE-2021-43306.

Run a Free Instant Scan

Affected Software


Product	jQuery Validation Plugin
Category	jQuery Plugins
Vulnerable Domains	177,374 live websites (30% of jQuery Validation Plugin install base)
Vulnerable Versions	from 0 through 1.19.4
Vulnerable Versions Count	27 versions ( 73% of all versions)

Common Weakness Enumeration

CWE-1333 Inefficient Regular Expression Complexity

Available Reports

Website List

Details

Published - Jun 1, 2022
Updated - Sep 16, 2024

Credits

Denys Vozniuk from JFrog Security Research

CVE References

CWE References

cwe.mitre.org

CWE

CWE-1333

Website Distribution by Country

Number of websites using CVE-2021-43306

United States	70,684 websites

Germany	10,229 websites
GB	9,367 websites
France	7,791 websites
Russia	6,351 websites
Italy	5,659 websites
Netherlands	5,394 websites
Canada	4,201 websites
India	3,910 websites
Spain	3,287 websites

Website Distribution by TLD

Number of websites using CVE-2021-43306

.com	76,851 websites
.org	8,661 websites
.co.uk	6,202 websites
.ru	5,235 websites
.de	4,913 websites
.nl	4,783 websites
.net	4,096 websites
.it	4,093 websites
.fr	3,188 websites
.com.au	2,857 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2021-43306

Top websites that are affected by CVE-2021-43306. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
****************.com	United States	,**
***************.com	United States	,**
***********.net	Portugal	,**
*****.com	United States	,**
********.com	United States	,**
****.org	United States	,**
*******.com	United States	,**
******.com	United States	,**
***************.com	Singapore	,**
*..uk	GB	,**

See full domain list

FAQ

CVE-2021-43306 is Inefficient Regular Expression Complexity in jQuery Validation Plugin

A total of 177,374 websites have been identified as vulnerable to CVE-2021-43306, based on global website indexing conducted by WebTechSurvey.

The jQuery Validation Plugin is affected by the CVE-2021-43306 vulnerability.

jQuery Validation Plugin versions up to 1.19.4 are vulnerable to CVE-2021-43306.

CVE-2021-43306 is resolved in version 1.19.4 of jQuery Validation Plugin.

References

https://research.jfrog.com/vulnerabilities/jquery-validation-redos-xray-211348/

CVE-2021-43306

Affected Software

Common Weakness Enumeration

Available Reports

Details

Credits

CVE References

CWE References

CWE

Website Distribution by Country

Website Distribution by TLD

Vulnerable Versions

Websites affected by CVE-2021-43306

What type of vulnerability is CVE-2021-43306?

How many websites are affected by the CVE-2021-43306 vulnerability?

Which technology is affected by CVE-2021-43306?

Which versions of jQuery Validation Plugin are vulnerable to CVE-2021-43306?

In which version of jQuery Validation Plugin is the CVE-2021-43306 vulnerability resolved?

References