CVE-2021-23509: Access of Resource Using Incompatible Type ('Type Confusion')
(updated )
This affects the package json-ptr A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays.
References
Detect and mitigate CVE-2021-23509 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →