Name of the Vulnerable Software and Affected Versions acorn (affected versions not specified)

Description The issue concerns a Regular Expression Denial of Service. A regex in the form of /[x-ud800]/u can cause the parser to enter an infinite loop. This occurs because the string is not valid UTF16, which is usually sanitized before reaching the parser. If an application processes untrusted input and passes it directly, attackers may leverage this issue, leading to Denial of Service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.