CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2021/10/07 5:15 p.m.•6 views

CVE-2021-23447

This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array instead of a string...

6.1CVSS0.00305EPSS

Exploits1References3

OSV•added 2021/10/07 5:15 p.m.•9 views

CVE-2021-23447

This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array instead of a string...

6.1CVSS6.7AI score

Exploits0References3

Prion•added 2021/10/07 5:15 p.m.•7 views

Type confusion

This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array instead of a string...

4.3CVSS6.2AI score0.00305EPSS

Exploits1References3Affected Software1

Cvelist•added 2021/10/07 4:40 p.m.•11 views

CVE-2021-23447 Cross-site Scripting (XSS)

This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array instead of a string...

5.4CVSS6.4AI score0.00305EPSS

Exploits1References3

CVE•added 2021/10/07 4:40 p.m.•38 views

CVE-2021-23447

The CVE-2021-23447 entry concerns the Teddy templating language prior to version 0.5.9. A type-confusion vulnerability allows bypassing input sanitization when the model content is an array (not a string), potentially enabling XSS-like behavior in affected renders. The mitigation is to upgrade Te...

6.1CVSS5.8AI score0.00305EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by