PT-2022-23029 · V8N · V8N

Name of the Vulnerable Software and Affected Versions: v8n versions prior to 1.5.1 Description: The issue is related to an inefficient regular expression complexity in the lowercase and uppercase regex of the v8n javascript validation library. This could lead to a denial of service attack. Testin...

perl: lc(), uc() routines are laundering tainted data

The 1 lc, 2 lcfirst, 3 uc, and 4 ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection...