CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-23423

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.2%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.0

References

https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd
https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647
https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd
https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647

Products affected by CVE-2021-23423

Bikeshed Project » Bikeshed » Version: Any

cpe:2.3:a:bikeshed_project:bikeshed:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23423

Products

Pricing

Contact Us