CVE-2021-23624
CVE-2021-23624 affects the dotty package prior to v0.1.2 and describes a type confusion vulnerability that can bypass CVE-2021-25912 when user-provided path keys are arrays. The issue is consistently reported across multiple sources (NVD/OSV/GHSA/CVE List) as a prototype pollution/type confusion ...