First published: Thu Oct 07 2021(Updated: )
Credit: report@snyk.io
Affected Software | Affected Version | How to fix |
---|---|---|
Teddy Project Teddy | <0.5.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-23447 is medium (6.1).
CVE-2021-23447 affects the Teddy package before version 0.5.9.
CVE-2021-23447 is a type confusion vulnerability.
The type confusion vulnerability can be exploited by bypassing input sanitization when the model content is an array instead of a string.
Yes, CVE-2021-23447 can be fixed by updating the Teddy package to version 0.5.9 or newer.