{"id":"CVE-2021-23423","details":"This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.","aliases":["GHSA-hf6p-4rv2-9qrp","PYSEC-2021-117","SNYK-PYTHON-BIKESHED-1537647"],"modified":"2026-03-15T14:08:06.272872Z","published":"2021-08-16T08:15:11.393Z","related":["SNYK-PYTHON-BIKESHED-1537647"],"references":[{"type":"FIX","url":"https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd"},{"type":"FIX","url":"https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/speced/bikeshed","events":[{"introduced":"0"},{"fixed":"b2f668fca204260b1cad28d5078e93471cb6b2dd"}]},{"type":"GIT","repo":"https://github.com/speced/bikeshed","events":[{"introduced":"0"},{"fixed":"b2f668fca204260b1cad28d5078e93471cb6b2dd"}]}],"versions":["v0.9"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.0.0"}]},{"events":[{"introduced":"0"},{"fixed":"3.0.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23423.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}