bootstrap.sass

NuGet5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting bootstrap.sasspage 1 of 1

CVE-2016-10735MEDIUMCVSS 6.1EG 6.1✓ Fixed in 4.0.0-beta.2
2019-01-09
vulnerable: 4.0.0-beta
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2018-14040MEDIUMCVSS 6.1EG 6.1✓ Fixed in 4.1.2
2018-07-13
vulnerable: 4.0.0, 4.1.0, 4.1.1, 4.1.1-contentFiles
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2018-14041MEDIUMCVSS 6.1EG 6.1✓ Fixed in 4.1.2
2018-07-13
vulnerable: 4.0.0, 4.1.0, 4.1.1, 4.1.1-contentFiles
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CVE-2018-14042MEDIUMCVSS 6.1EG 6.1✓ Fixed in 4.1.2
2018-07-13
vulnerable: 4.0.0, 4.1.0, 4.1.1, 4.1.1-contentFiles
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2019-8331MEDIUMCVSS 6.1EG 6.1✓ Fixed in 4.3.1
2019-02-20
vulnerable: 3.4.1 ... 4.2.1 (17 versions)
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

Check whether bootstrap.sass is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for bootstrap.sass CVEs against the assets you own.

Start Free Scan →