CVE-2021-29510: 
Python vulnerability analysis and mitigation

Pydantic, a data validation and settings management library using Python type hinting, was found to contain a vulnerability (CVE-2021-29510) that affects all versions prior to v1.8.2, v1.7.4, and v1.6.2. The vulnerability was discovered and disclosed in May 2021, affecting the datetime and date field parsing functionality (GitHub Advisory).

The vulnerability occurs when passing either 'infinity', 'inf' or float('inf') (or their negative values) to datetime or date fields. When these values are provided as input, the validation process enters an infinite loop consuming 100% CPU usage on one CPU core (GitHub Advisory).

When exploited, this vulnerability can cause a denial of service condition through CPU resource exhaustion, as the affected process enters an infinite loop utilizing 100% of a CPU core (GitHub Advisory).

The vulnerability has been patched in Pydantic versions v1.8.2, v1.7.4, and v1.6.2. Users are strongly recommended to upgrade to these or newer versions. For those unable to upgrade immediately, a temporary workaround involves implementing a custom validator to catch infinite values before they reach the parsing logic (GitHub Advisory, Ubuntu Security).

The vulnerability was addressed promptly with security patches being released for multiple version branches of Pydantic. Major Linux distributions including Ubuntu and Fedora quickly incorporated the fixes into their repositories (Fedora Update, Ubuntu Security).