2341 matches found

Snyk
added 2023/05/30 8:19 a.m., 1 view

Malicious Package

Overview bootstrap-without-jquery is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8 CVSS, 7.1 AI score
Exploits: 0, References: 3

OSSF Malicious Packages
added 2023/05/27 10:55 a.m., 2 views

Malicious code in bootstrap-without-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 903a10dc668799d05b5584a4bbacbc2b9acd690503e3750c3d24a7ba8f1369fd The OpenSSF Package Analysis project identified 'bootstrap-without-jquery' @ 1.1.4 npm as malicious. It is considered malicious because: - The...

6.9 AI score
Exploits: 0

OSV
added 2023/05/27 10:55 a.m., 12 views

MAL-2023-1127 Malicious code in bootstrap-without-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 903a10dc668799d05b5584a4bbacbc2b9acd690503e3750c3d24a7ba8f1369fd The OpenSSF Package Analysis project identified 'bootstrap-without-jquery' @ 1.1.4 npm as malicious. It is considered malicious because: - The...

7.1 AI score
Exploits: 0

OSSF Malicious Packages
added 2023/05/25 11:2 p.m., 3 views

Malicious code in vpro-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7799537e27ebbb40c248b3be22aca53aaf7d03bb8caacec55ff74194ee411a66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0, References: 2

OSV
added 2023/05/25 11:2 p.m., 9 views

MAL-2023-942 Malicious code in vpro-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7799537e27ebbb40c248b3be22aca53aaf7d03bb8caacec55ff74194ee411a66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0, References: 2

IBM Security Bulletins
added 2023/05/15 5:25 p.m., 70 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2018-14040 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the collapse data-parent attribute. A remote attacker could...

6.1 CVSS, 6.3 AI score, 0.1686 EPSS
Exploits: 5, Affected Software: 1

Cvelist
added 2023/05/11 12:0 a.m., 20 views

CVE-2023-31442

In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...

7.7 AI score, 0.00645 EPSS
Exploits: 0, References: 2

CNNVD
added 2023/04/27 12:0 a.m., 3 views

jfinal cms security vulnerability

jfinal cms is a powerful information consulting website developed in Java, using the simple and powerful JFinal as the web framework, beetl as the template engine, MySQL as the database, and Bootstrap as the front-end framework. jfinal cms v5.1.0 has a security vulnerability, the source of the...

9.8 CVSS, 9.1 AI score, 0.01562 EPSS
Exploits: 1, References: 2

F5 Networks
added 2023/04/26 9:45 p.m., 34 views

K000133673: Bootstrap vulnerability CVE-2016-10735

Security Advisory Description In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. CVE-2016-10735 Impact An attacker may exploit this vulnerability to perform a cross-site scripting XSS attack...

6.1 CVSS, 6.9 AI score, 0.04158 EPSS
Exploits: 1, Affected Software: 14

Tenable Nessus
added 2023/04/20 12:0 a.m., 67 views

F5 Networks BIG-IP : Bootstrap vulnerability (K05380109)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K05380109 advisory. In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. CVE-2018-14041 Impact An attacker...

6.1 CVSS, 6.7 AI score, 0.04293 EPSS
Exploits: 1, References: 2

NVD
added 2023/04/13 7:15 a.m., 28 views

CVE-2022-33294

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message...

7.5 CVSS, 7.5 AI score, 0.00383 EPSS
Exploits: 0, References: 1

OpenVAS
added 2023/04/06 12:0 a.m., 24 views

Fedora: Security Advisory for rubygem-railties (FEDORA-2023-7002afbbb8)

The remote host is missing an update for the...

5.3 CVSS, 7.7 AI score, 0.00907 EPSS
Exploits: 0, References: 2

IBM Security Bulletins
added 2023/04/04 4:40 p.m., 50 views

Security Bulletin: There are several vulnerabilities in Bootstrap used by IBM Maximo Asset Management

Summary There are several vulnerabilities in Bootstrap used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2018-14040 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the collapse data-parent attribute. A remote...

6.1 CVSS, 6.6 AI score, 0.1686 EPSS
Exploits: 5, Affected Software: 11

Cvelist
added 2023/04/04 4:46 a.m., 34 views

CVE-2022-33294 NULL pointer dereference in Modem

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message...

7.5 CVSS, 7.7 AI score, 0.00383 EPSS
Exploits: 0, References: 1

CVE
added 2023/04/04 4:46 a.m., 230 views

CVE-2022-33294

CVE-2022-33294 affects Qualcomm modem software where a NULL pointer dereference during processing of an lwm2m registration/update/bootstrap response leads to a transient denial-of-service. The impact is a crash or service disruption on the modem; CVSSv3.1 base score 7.5 (Network, Low attack compl...

7.5 CVSS, 7.5 AI score, 0.00383 EPSS
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2023/04/04 12:0 a.m., 3 views

PT-2023-13298 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a Transient DOS in the Modem due to a NULL pointer dereference. This occurs while receiving a response to an lwm2m registration, update, or bootstrap request message...

7.5 CVSS, 6.5 AI score, 0.00383 EPSS
Exploits: 0, References: 2

CBLMariner
added 2023/03/24 11:57 p.m., 13 views

CVE-2022-4415 affecting package systemd-bootstrap for versions less than 250.3-12

CVE-2022-4415 affecting package systemd-bootstrap for versions less than 250.3-12. A patched version of the package is available...

5.5 CVSS, 6.3 AI score, 0.00867 EPSS
Exploits: 1

ALT Linux
added 2023/03/18 12:0 a.m., 43 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.32-alt1

3.1.32-alt1 built March 18, 2023 Vitaly Lipatov in task 316692 March 12, 2023 Vitaly Lipatov - .NET Core 3.1.32 and .NET Core SDK 3.1.426 releases - CVE-2022-41089: .NET Remote Code Execution Vulnerability - CVE-2022-41032: .NET Elevation of Privilege Vulnerability - CVE-2022-38013: .NET Denial o...

7.5 AI score, 0.02992 EPSS
Exploits: 0

ALT Linux
added 2023/03/18 12:0 a.m., 42 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.17-alt1

5.0.17-alt1 built March 18, 2023 Vitaly Lipatov in task 316692 March 12, 2023 Vitaly Lipatov - new version 5.0.17 with rpmgs script - CVE-2022-29117: .NET Denial of Service Vulnerability - CVE-2022-29145: .NET Denial of Service Vulnerability - CVE-2022-23267: .NET Denial of Service Vulnerability...

5 CVSS, 7.7 AI score, 0.04935 EPSS
Exploits: 0

ALT Linux
added 2023/03/18 12:0 a.m., 36 views

Security fix for the ALT Linux 10 package dotnet-bootstrap-7.0 version 7.0.3-alt1

7.0.3-alt1 built March 18, 2023 Vitaly Lipatov in task 316692 March 13, 2023 Vitaly Lipatov - The .NET 7.0.3 and .NET SDK 7.0.103 releases - CVE-2023-21808: .NET Remote Code Execution Vulnerability...

8.1 AI score, 0.01148 EPSS
Exploits: 0