VulnerableCode Package Details - pkg:pypi/bikeshed@2.4.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/bikeshed@2.4.0

Essentials
History (2)

purl	pkg:pypi/bikeshed@2.4.0

Next non-vulnerable version	3.0.0
Latest non-vulnerable version	3.0.0
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-63vz-b8s1-6fdb Aliases: CVE-2021-23422 GHSA-87cj-px37-rc3x PYSEC-2021-116 SNYK-PYTHON-BIKESHED-1537646	This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output.	3.0.0 Affected by 0 other vulnerabilities.
VCID-h4ex-q6n4-pyh5 Aliases: CVE-2021-23423 GHSA-hf6p-4rv2-9qrp PYSEC-2021-117 SNYK-PYTHON-BIKESHED-1537647	This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.	3.0.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:14:33.501348+00:00	Pypa Importer	Affected by	VCID-h4ex-q6n4-pyh5	https://github.com/pypa/advisory-database/blob/main/vulns/bikeshed/PYSEC-2021-117.yaml	38.6.0
2026-06-02T04:14:33.288620+00:00	Pypa Importer	Affected by	VCID-63vz-b8s1-6fdb	https://github.com/pypa/advisory-database/blob/main/vulns/bikeshed/PYSEC-2021-116.yaml	38.6.0