Contrib.social

Upgrade the jQuery Validation Library to 1.20.0 - Less critical 7∕25 AC:Complex/A:User/CI:None/II:None/E:Proof/TD:Default

Open on Drupal.org →
Created on 28 June 2024, 5 months ago
Updated 12 July 2024, 4 months ago

Problem/Motivation

jQuery Validation version 1.17.0 has been flagged for multiple denial-of-service vulnerabilities, specifically identified as CVE-2021-21252, CVE-2021-43306, and CVE-2022-31147.

https://nvd.nist.gov/vuln/detail/CVE-2021-21252
https://nvd.nist.gov/vuln/detail/CVE-2021-43306
https://nvd.nist.gov/vuln/detail/CVE-2022-31147

Less critical 7∕25 AC:Complex/A:User/CI:None/II:None/E:Proof/TD:Default

Steps to reproduce

Theoretical

Proposed resolution

Upgrade to the latest jquery_validation library version

Remaining tasks

Upgrade jquery validation cdn to 1.20

User interface changes

minor

API changes

Upgrade dependency on jquery validation library

Data model changes

N/A

🐛 Bug report
Status

Fixed

Version

4.0

Component

Code

Created by

🇨🇦Canada joseph.olstad

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024