VDB
CVE-2021-23423
CVE-2021-23423
PUBLISHED
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.
EPSS 0.35% · 58.0th percentile
Risk Scores
EPSS Score
0.35%
58.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:22.04:LTS | bikeshed | 0, 1.78-0ubuntu1 |
| Ubuntu:16.04:LTS | bikeshed | 1.53-0ubuntu1, 0, 1.62-0ubuntu1 |
| Ubuntu:24.04:LTS | bikeshed | 1.78-0ubuntu1, 0 |
| Ubuntu:18.04:LTS | bikeshed | 1.72-0ubuntu1, 1.71-0ubuntu1, 1.73-0ubuntu1 |
| Ubuntu:20.04:LTS | bikeshed | 1.78-0ubuntu1, 0 |
| Ubuntu:25.10 | bikeshed | 0, 1.78-0ubuntu1 |
Exploit Intelligence
Timeline
- Aug 16, 2021 EPSS Score
- Aug 16, 2021 CVE Published
- Oct 14, 2021 EPSS Score
- Dec 11, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 8, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 7, 2022 EPSS Score
- Jun 5, 2022 EPSS Score
- Aug 3, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
- Nov 28, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-23423 third-party-advisory
- https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-23423 third-party-advisory