This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array (instead of a string).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2021-10-07T16:40:12.628956Z
Updated: 2024-09-16T22:20:45.340Z
Reserved: 2021-01-08T00:00:00
Link: CVE-2021-23447
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-07T17:15:08.087
Modified: 2024-11-21T05:51:46.600
Link: CVE-2021-23447
Redhat
No data.