contentstack
diff --git a/‎CHANGELOG.md‎
Lines changed: 4 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎package-lock.json‎
Lines changed: 185 additions & 4 deletions b/‎package-lock.json‎
Lines changed: 185 additions & 4 deletions
diff --git a/‎package.json‎
Lines changed: 7 additions & 2 deletions b/‎package.json‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎src/helper/regex-match.ts‎
Lines changed: 21 additions & 5 deletions b/‎src/helper/regex-match.ts‎
Lines changed: 21 additions & 5 deletions
@@ -1,6 +1,9 @@
 # Changelog
 
-## [1.3.3](https://github.com/contentstack/contentstack-utils-javascript/tree/v1.3.2) (2024-02-28)
+## [1.3.4](https://github.com/contentstack/contentstack-utils-javascript/tree/v1.3.4) (2024-05-13)
+ - Fixes for vulnerability issues related to regular expression and options
+
+## [1.3.3](https://github.com/contentstack/contentstack-utils-javascript/tree/v1.3.3) (2024-02-28)
  - Fix for parsing nested children when entry is referenced as link
 
 ## [1.3.2](https://github.com/contentstack/contentstack-utils-javascript/tree/v1.3.2) (2024-02-14)
 
@@ -1,6 +1,6 @@
 {
   "name": "@contentstack/utils",
-  "version": "1.3.3",
+  "version": "1.3.4",
   "description": "Contentstack utilities for Javascript",
   "main": "dist/index.es.js",
   "types": "dist/types/index.d.ts",
@@ -39,6 +39,7 @@
     "@babel/preset-env": "^7.22.20",
     "@commitlint/cli": "^17.7.1",
     "@commitlint/config-conventional": "^17.7.0",
+    "@types/dompurify": "^3.0.5",
     "@types/jest": "^26.0.24",
     "babel-core": "^4.7.16",
     "babel-jest": "^29.7.0",
@@ -48,8 +49,8 @@
     "eslint": "^8.50.0",
     "husky": "^8.0.3",
     "jest": "^29.7.0",
-    "jest-environment-jsdom": "^29.7.0",
     "jest-coverage-badges": "^1.1.2",
+    "jest-environment-jsdom": "^29.7.0",
     "jest-html-reporters": "^2.1.7",
     "jest-junit": "^15.0.0",
     "jsdom": "^21.1.2",
@@ -80,5 +81,9 @@
     "presets": [
       "es2015"
     ]
+  },
+  "dependencies": {
+    "cheerio": "^1.0.0-rc.12",
+    "dompurify": "^3.1.1"
   }
 }
@@ -1,11 +1,27 @@
-const FigureTagRegex = /<\s*figure[^>]*>([^]*?)<\s*\/\s*figure>/g;
-
 export function containsFigureTag(content: string): boolean {
-  return countFigureTags(content) > 0;
+  const openingTag = '<figure';
+  const closingTag = '</figure>';
+  const openingIndex = content.indexOf(openingTag);
+  const closingIndex = content.indexOf(closingTag);
+  return openingIndex !== -1 && closingIndex !== -1 && closingIndex > openingIndex;
 }
 
-export function matchFigureTag(content: string): RegExpMatchArray {
-  return content.match(FigureTagRegex);
+export function matchFigureTag(content: string): string[] | null {
+  const matches: string[] = [];
+  const openingTag = '<figure';
+  const closingTag = '</figure>';
+  let startIndex = 0;
+  while ((startIndex = content.indexOf(openingTag, startIndex)) !== -1) {
+    const endIndex = content.indexOf(closingTag, startIndex);
+    if (endIndex !== -1 && endIndex > startIndex) {
+      matches.push(content.substring(startIndex, endIndex + closingTag.length));
+      startIndex = endIndex + closingTag.length; 
+    } else {
+      console.error('Malformed figure tag found in content');
+      break;
+    }
+  }
+  return matches.length > 0 ? matches : null;
 }
 
 export function countFigureTags(content: string): number {