Bootstrap
This hub aggregates every CVE we track for Bootstrap, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM9
Monthly trend
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 9 most recently published vulnerabilities affecting Bootstrap.
- CVE-2025-1647XSS in Bootstrap title attribute for Tooltip and Popover5.6
- CVE-2024-6485XSS in Bootstrap button component6.4
- CVE-2019-8331In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.6.1
- CVE-2018-20676In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.6.1
- CVE-2018-20677In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.6.1
- CVE-2016-10735In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.6.1
- CVE-2018-14040In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.6.1
- CVE-2018-14042In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.6.1
- CVE-2018-14041In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.6.1
Product normalization is registry-driven with AI assist and human review. How it works