This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array (instead of a string).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2021-10-07T16:40:12.628956Z
Updated: 2024-09-16T22:20:45.340Z
Reserved: 2021-01-08T00:00:00
Link: CVE-2021-23447
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-07T17:15:08.087
Modified: 2022-05-03T16:04:40.443
Link: CVE-2021-23447
Redhat
No data.