Some languages before 1.24.0 are vulnerable to Regular Expression Denial of Service (ReDoS).

### Impact

When Prism is used to highlight untrusted (user-given) text, an attacker can craft a string that will take a very very long time to highlight. Do not use the following languages to highlight untrusted text.

- ASCIIDoc
- ERB

Other languages are __not__ affected and can be used to highlight untrusted text.

### Patches

This problem has been fixed in Prism v1.24.

### References

- PrismJS/prism#2774
- PrismJS/prism#2688
Fix available through Seal Security. No upgrade required, protect your application instantly.
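One way to enforce the Impact guidance in an application that cannot upgrade yet is to gate highlighting of untrusted text on the Prism version and the requested language, falling back to escaped plain text. This is an added example, not code from the advisory or from Prism. It assumes the language ids `asciidoc`, `adoc` and `erb`, a version string supplied by the caller (for example from the installed package's `package.json`), and a hypothetical `highlightFn(code, language)` wrapper around the real highlighter.

```javascript
// Language ids for the two languages the advisory lists (assumed ids;
// 'adoc' is included as an alias of 'asciidoc').
const AFFECTED_LANGUAGES = new Set(['asciidoc', 'adoc', 'erb']);
const FIXED_VERSION = [1, 24, 0]; // "fixed in Prism v1.24"

// Parse "1.23.0" or "v1.24" into [major, minor, patch]; missing parts are 0.
function parseVersion(version) {
  const match = /^v?(\d+)(?:\.(\d+))?(?:\.(\d+))?/.exec(String(version).trim());
  if (!match) return null;
  return match.slice(1, 4).map((part) => Number(part || 0));
}

// True when the version predates the fix. Unparseable input fails closed.
function isBeforeFix(version) {
  const parsed = parseVersion(version);
  if (!parsed) return true;
  for (let i = 0; i < 3; i++) {
    if (parsed[i] !== FIXED_VERSION[i]) return parsed[i] < FIXED_VERSION[i];
  }
  return false;
}

// Untrusted text may be highlighted unless both conditions of the advisory
// hold: an unpatched version and one of the affected languages.
function canHighlightUntrusted(prismVersion, language) {
  const lang = String(language).toLowerCase();
  return !(isBeforeFix(prismVersion) && AFFECTED_LANGUAGES.has(lang));
}

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// highlightFn is a hypothetical wrapper: (code, language) => HTML string.
// Blocked combinations are rendered as escaped plain text, so the
// vulnerable grammar is never run on attacker-controlled input.
function renderUntrusted(code, language, prismVersion, highlightFn) {
  if (!canHighlightUntrusted(prismVersion, language)) {
    return escapeHtml(code);
  }
  return highlightFn(code, language);
}
```

Version segments are compared numerically, so `1.9.0` is correctly treated as older than `1.24.0`.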