Bootstrap-sass
This hub aggregates every CVE we track for Bootstrap-sass, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
1
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM7CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Bootstrap-sass.
- CVE-2024-6485XSS in Bootstrap button component6.4
- CVE-2019-10842Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base6...9.8
- CVE-2019-8331In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.6.1
- CVE-2018-20676In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.6.1
- CVE-2018-20677In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.6.1
- CVE-2016-10735In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.6.1
- CVE-2018-14040In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.6.1
- CVE-2018-14042In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.6.1
Product normalization is registry-driven with AI assist and human review. How it works