CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-23422

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd
https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537646
https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd
https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537646

Products affected by CVE-2021-23422

Bikeshed Project » Bikeshed » Version: Any

cpe:2.3:a:bikeshed_project:bikeshed:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23422

Products

Pricing

Contact Us