78 matches found
GHSA-9V3M-8FP8-MJ99 Bootstrap Vulnerable to Cross-Site Scripting
Versions of bootstrap prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting XSS. The data-template attribute of the tooltip and popover plugins lacks input sanitization and may allow attacker to execute arbitrary JavaScript. Recommendation For bootstrap 4.x upgrade to...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20677 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +456 more potentially affected by CVE-2018-20677 via bootstrap (>=0.0.2 <=3.3.7)
bootstrap NPM version =0.0.2, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +456 more potentially affected by CVE-2018-20676 via bootstrap (>=0.0.2 <=3.3.7)
bootstrap NPM version =0.0.2, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-20676 Source advisory: OSV:GHSA-3MGP-FX93-9XV5...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20676 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20676 Source advisory: OSV:GHSA-3MGP-FX93-9XV5...
@7ninjas/scss-mixins (>=0.0.0 <=1.0.0-alpha2), @alv-ch/alv-styleguide (>=0.0.1-1.alpha <=0.1.8) +47 more potentially affected by CVE-2016-10735 via bootstrap (=4.0.0-beta)
bootstrap NPM version =4.0.0-beta is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap and may be impacted: - @7ninjas/scss-mixins =0.0.0, =0.0.1-1.alpha, =0.0.1, =0.3.0, =0.0.1, =1.0.0, =0.2.15, =0.0.5, =0.1.0, =0.1.1 and more Source cves:...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +455 more potentially affected by CVE-2016-10735 via bootstrap (>=3.1.1 <=3.3.7)
bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2016-10735 Source advisory: OSV:GHSA-4P24-VMCR-4GQJ...
DEBIAN-CVE-2018-20677
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property...
UBUNTU-CVE-2016-10735
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...
UBUNTU-CVE-2018-20676
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...
com.slyak:slyak-web-bootstrap (>=1.0.3.RELEASE <=1.0.4.RELEASE), de.smartsquare.squit:de.smartsquare.squit.gradle.plugin (>=2.0.0 <=2.2.0) +23 more potentially affected by CVE-2018-14042 via org.webjars:bootstrap (>=4.0.0 <=4.1.1)
org.webjars:bootstrap MAVEN version =4.0.0, =1.0.3.RELEASE, =2.0.0, =2.1.0, =2.0.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.3 - org.orienteer:orienteer-architect =1.4 - org.orienteer:orienteer-birt =1.4 - org.orienteer:orienteer-bpm =1.4 - org.orienteer:orienteer-camel =1.4 -...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +455 more potentially affected by CVE-2018-14042 via bootstrap (>=3.1.1 <=3.3.7)
bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2018-14042 Source advisory: OSV:GHSA-7MVR-5X2G-WFC8...
@7ninjas/scss-mixins (=1.0.0-alpha3), @afiniti/design-system (>=0.0.1 <=0.0.8) +247 more potentially affected by CVE-2018-14042 via bootstrap (>=4.0.0 <=4.1.1)
bootstrap NPM version =4.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.0.0, =0.0.16, =0.0.1, =1.0.0, =2.0.0-alpha, =2.3.2, =1.0.0, =1.0.3 - @evoxmusic/angular =0.7.5 and more Source cves: CVE-2018-14042 Source advisory: OSV:GHSA-7MVR-5X2G-WFC8...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +493 more potentially affected by CVE-2018-14042 via org.webjars:bootstrap (>=2.3.0 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.3.0, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-14042 Source advisory: OSV:GHSA-7MVR-5X2G-WFC8...
com.slyak:slyak-web-bootstrap (>=1.0.3.RELEASE <=1.0.4.RELEASE), de.smartsquare.squit:de.smartsquare.squit.gradle.plugin (>=2.0.0 <=2.2.0) +23 more potentially affected by CVE-2018-14041 via org.webjars:bootstrap (>=4.0.0 <=4.1.1)
org.webjars:bootstrap MAVEN version =4.0.0, =1.0.3.RELEASE, =2.0.0, =2.1.0, =2.0.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.3 - org.orienteer:orienteer-architect =1.4 - org.orienteer:orienteer-birt =1.4 - org.orienteer:orienteer-bpm =1.4 - org.orienteer:orienteer-camel =1.4 -...
AZL-44334 CVE-2018-14040 affecting package python-openstackdocstheme 3.0.0-9
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute...
UBUNTU-CVE-2018-14040
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute...
UBUNTU-CVE-2018-14042
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip...