CVE-2021-29510

Pydantic is a data validation and settings management using Python type
hinting. In affected versions passing either 'infinity', 'inf' or
float('inf') (or their negatives) to datetime or date fields causes
validation to run forever with 100% CPU usage (on one CPU). Pydantic has
been patched with fixes available in the following versions: v1.8.2,
v1.7.4, v1.6.2. All these versions are available on
pypi(https://pypi.org/project/pydantic/#history), and will be available on
conda-forge(https://anaconda.org/conda-forge/pydantic) soon. See the
changelog(https://pydantic-docs.helpmanual.io/) for details. If you
absolutely can’t upgrade, you can work around this risk using a
validator(https://pydantic-docs.helpmanual.io/usage/validators/) to catch
these values. This is not an ideal solution (in particular you’ll need a
slightly different function for datetimes), instead of a hack like this you
should upgrade pydantic. If you are not using v1.8.x, v1.7.x or v1.6.x and
are unable to upgrade to a fixed version of pydantic, please create an
issue at https://github.com/samuelcolvin/pydantic/issues requesting a
back-port, and we will endeavour to release a patch for earlier versions of
pydantic.