Mholt

**Name of the Vulnerable Software and Affected Versions** acme.sh versions prior to 3.0.6 **Description** The issue arises from insufficient input validation in the Eval function of the ACME protocol client Acme.sh, allowing a remote attacker to execute arbitrary code. This has been exploited in the wild in June 2023. **Recommendations** For versions prior to 3.0.6, update to version 3.0.6 or later to resolve the issue. As a temporary workaround, consider disabling the use of the `eval` function in Acme.sh until a patch is applied. Restrict access to the Acme.sh client to minimize the risk of exploitation. Avoid using the Acme.sh client with untrusted input until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** mholt PapaParse versions up to 5.1.x **Description** A vulnerability was found in the file papaparse.js, leading to inefficient regular expression complexity. The issue is classified as problematic and affects an unknown function. Upgrading to version 5.2.0 addresses this issue. **Recommendations** For versions up to 5.1.x, upgrade to version 5.2.0 to address the issue.