The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Node.js jquery-validation: overload via Regular Expression

Synthesis of the vulnerability 

An attacker can trigger an overload via Regular Expression of Node.js jquery-validation, in order to trigger a denial of service.
Impacted systems: SnapCenter Backup Management, Nodejs Modules ~ not comprehensive, OTRS Help Desk.
Severity of this alert: 2/4.
Creation date: 22/02/2021.
Références of this alert: CVE-2021-21252, GHSA-jxwx-85vp-gvwm, NPM-1605, NTAP-20210219-0005, OSA-2021-06, VIGILANCE-VUL-34637.

Description of the vulnerability 

An attacker can trigger an overload via Regular Expression of Node.js jquery-validation, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat note impacts software or systems such as SnapCenter Backup Management, Nodejs Modules ~ not comprehensive, OTRS Help Desk.

Our Vigil@nce team determined that the severity of this cybersecurity note is medium.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this vulnerability note.

Solutions for this threat 

Node.js jquery-validation: version 1.19.3.
The version 1.19.3 is fixed:
  https://www.npmjs.com/package/jquery-validation

NetApp SnapCenter: solution for jQuery Validation.
The solution is indicated in information sources.

OTRS Help Desk: version 7.0.25.
The version 7.0.25 is fixed:
  https://otrs.com/

OTRS Help Desk: version 8.0.12.
The version 8.0.12 is fixed:
  https://otrs.com/
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides an applications vulnerabilities database. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.