Name of the Vulnerable Software and Affected Versions underscore.string versions prior to 3.3.5

Description The issue concerns a Regular Expression Denial of Service (ReDoS) in the unescapeHTML function due to an overly-broad regex. This results in a slowdown that grows exponentially with larger inputs, approximately 2s for 50,000 characters.

Recommendations Upgrade to version 3.3.5 or higher.