2341 matches found
AZL-25953 CVE-2021-36373 affecting package javapackages-bootstrap for versions less than 1.5.0-6
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected...
AZL-25954 CVE-2021-36374 affecting package javapackages-bootstrap for versions less than 1.5.0-6
When reading a specially crafted ZIP archive, or a derived format, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives...
Jfinal cms suffers from SQL Injection Vulnerability
jfinal cms uses JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap framework. Jfinal cms has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.16-alt1
June 30, 2021 Vitaly Lipatov 3.1.16-alt1 - new version 3.1.16 with rpmrb script - .NET Core 3.1.16 and .NET Core SDK 3.1.410 - CVE-2021-31957: ASP.NET Denial of Service Vulnerability - CVE-2021-31204: .NET Core Elevation of Privilege Vulnerability...
Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.7-alt1
June 30, 2021 Vitaly Lipatov 5.0.7-alt1 - new version 5.0.7 with rpmrb script - CVE-2021-31204: .NET Core Elevation of Privilege Vulnerability - CVE-2021-31957: ASP.NET Denial of Service Vulnerability...
Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 3.1.16-alt1
June 30, 2021 Vitaly Lipatov 3.1.16-alt1 - new version 3.1.16 with rpmrb script - .NET Core 3.1.16 and .NET Core SDK 3.1.410 - CVE-2021-31957: ASP.NET Denial of Service Vulnerability - CVE-2021-31204: .NET Core Elevation of Privilege Vulnerability...
Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 5.0.7-alt1
June 30, 2021 Vitaly Lipatov 5.0.7-alt1 - new version 5.0.7 with rpmrb script - CVE-2021-31204: .NET Core Elevation of Privilege Vulnerability - CVE-2021-31957: ASP.NET Denial of Service Vulnerability...
Cross-site Scripting (XSS)
react-bootstrap-table is vulnerable to cross-site scripting. Lack of sanitization of output from the function dangerouslySetInnerHTML allows an attacker to inject and execute malicious script in a user's browser via the dataFormat parameter when an invalid React element is returned...
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
Cross site scripting
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
CVE-2021-23398 Cross-site Scripting (XSS)
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
CVE-2021-23398
CVE-2021-23398 affects the React Bootstrap Table package. The vulnerability arises from improper validation of user input in the dataFormat parameter, triggering dangerouslySetInnerHTML when an invalid React element is returned, leading to a cross-site scripting (XSS) risk. Public documents descr...
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output...
react-bootstrap-table Cross-Site Scripting Vulnerability
react-bootstrap-table is a package. It is a Bootstrap table built using React.js. A cross-site scripting vulnerability exists in package react-bootstrap-table, which stems from an issue that is triggered when an invalid React element is returned, resulting in the use of dangerouslySetInnerHTML,...
CVE-2021-20198
A flaw was found in the OpenShift Installer. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated /exec...
SUSE: Security Advisory (SUSE-SU-2020:3045-1)
The remote host is missing an update for the...
Sifchain: Cross-site Scripting (XSS) possible at https://sifchain.finance// via CVE-2019-8331 exploitation
Summary: https://sifchain.finance is using Bootstrap framework version 4.0.0 which is =4.0.0 4. Visit https://sifchain.finance/wp-content/themes/icos/assets/js/vendor/bootstrap.min.js?ver=5.7.2 5. You'll get the Bootstrap version, which is v4.0.0 and it's vulnerable to Cross-site Scripting (XSS)...
Security Bulletin: IBM License Key Server Administration and Reporting Tool is impacted by multiple vulnerabilities in jQuery, Bootstrap and AngularJS
Summary: Multiple vulnerabilities have been found in jQuery, Bootstrap and AngularJS libraries that are used by IBM License Key Server (LKS) Administration and Reporting Tool (ART). Mitigations have been identified and a fix has been published. Vulnerability Details: CVEID: CVE-2019-14863 DESCRIPTION:...
Sifchain: Bootstrap library is vulnerable
Summary: The identified library bootstrap, version 4.0.0 is vulnerable Steps To Reproduce: Please upgrade to the latest version of bootstrap. Supporting Material/References: https://github.com/twbs/bootstrap/issues/28236 https://github.com/twbs/bootstrap/issues/20184 Impact XSS was possible in th...