Medium severity5.5NVD Advisory· Published Aug 16, 2021· Updated Jun 17, 2026
CVE-2021-23423
CVE-2021-23423
Description
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
bikeshedPyPI | < 3.0.0 | 3.0.0 |
Affected products
1Patches
Vulnerability mechanics
References
5- github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2ddnvdPatchThird Party AdvisoryWEB
- snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647nvdExploitPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-hf6p-4rv2-9qrpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-23423ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/bikeshed/PYSEC-2021-117.yamlghsaWEB
News mentions
0No linked articles in our index yet.