Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/acorn@5.6.2
purl pkg:npm/acorn@5.6.2
Next non-vulnerable version 5.7.4
Latest non-vulnerable version 7.1.1
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-9eyp-2a6k-xya4
Aliases:
GHSA-6chw-6frg-f759
GMS-2020-702
Regular Expression Denial of Service in Acorn Affected versions of acorn are vulnerable to Regular Expression Denial of Service. A regex in the form of /[x-\ud800]/u causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application processes untrusted input and passes it directly to acorn, attackers may leverage the vulnerability leading to Denial of Service.
5.7.4
Affected by 0 other vulnerabilities.
6.4.1
Affected by 0 other vulnerabilities.
7.1.1
Affected by 0 other vulnerabilities.
VCID-znj9-9zem-s3c9
Aliases:
GMS-2020-1
Regular Expression Denial of Service A regex in the form of `/[x-\ud800]/u` causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser.
5.7.4
Affected by 0 other vulnerabilities.
6.4.1
Affected by 0 other vulnerabilities.
7.1.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-01T14:21:22.428891+00:00 GHSA Importer Affected by VCID-9eyp-2a6k-xya4 https://github.com/advisories/GHSA-6chw-6frg-f759 38.6.0
2026-04-29T19:39:43.546956+00:00 GitLab Importer Affected by VCID-9eyp-2a6k-xya4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-702.yml 38.5.0
2026-04-29T19:38:24.480704+00:00 GitLab Importer Affected by VCID-znj9-9zem-s3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-1.yml 38.5.0
2026-04-16T21:02:22.268988+00:00 GitLab Importer Affected by VCID-9eyp-2a6k-xya4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-702.yml 38.4.0
2026-04-16T21:01:07.284685+00:00 GitLab Importer Affected by VCID-znj9-9zem-s3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-1.yml 38.4.0
2026-04-16T01:32:15.862284+00:00 GHSA Importer Affected by VCID-9eyp-2a6k-xya4 https://github.com/advisories/GHSA-6chw-6frg-f759 38.4.0
2026-04-11T22:13:43.352444+00:00 GitLab Importer Affected by VCID-9eyp-2a6k-xya4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-702.yml 38.3.0
2026-04-11T22:12:24.910697+00:00 GitLab Importer Affected by VCID-znj9-9zem-s3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-1.yml 38.3.0
2026-04-11T13:01:36.961821+00:00 GHSA Importer Affected by VCID-9eyp-2a6k-xya4 https://github.com/advisories/GHSA-6chw-6frg-f759 38.3.0
2026-04-02T22:26:04.699773+00:00 GitLab Importer Affected by VCID-9eyp-2a6k-xya4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-702.yml 38.1.0
2026-04-02T22:24:51.107227+00:00 GitLab Importer Affected by VCID-znj9-9zem-s3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/acorn/GMS-2020-1.yml 38.1.0
2026-04-02T13:53:37.526480+00:00 GHSA Importer Affected by VCID-9eyp-2a6k-xya4 https://github.com/advisories/GHSA-6chw-6frg-f759 38.1.0