This affects versions of package json-pointer up to and including 0.6.1. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays.
{
"github_reviewed_at": "2021-11-04T16:55:47Z",
"nvd_published_at": "2021-11-03T18:15:00Z",
"github_reviewed": true,
"cwe_ids": [
"CWE-1321",
"CWE-843"
],
"severity": "MODERATE"
}