Debian Twitter-Bootstrap3 vulnerabilities

9 known vulnerabilities affecting debian/twitter-bootstrap3.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM6LOW3

Vulnerabilities

Page 1 of 1
CVE-2025-1647MEDIUMCVSS 5.6fixed in twitter-bootstrap3 3.4.1+dfsg-2+deb11u2 (bullseye)2025
CVE-2025-1647 [MEDIUM] CVE-2025-1647: twitter-bootstrap3 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting (XSS).This issue affects Bootstrap: from 3.4.1 before 4.0.0. Scope: local bookworm: open bullseye: resolved (fixed in 3.4.1+dfsg-2+deb11u2) forky: resolved (fixed in 3.4.1+dfsg-5) sid: resolved (fixed in 3.4.1+
debian
CVE-2024-6485MEDIUMCVSS 6.4fixed in twitter-bootstrap3 3.4.1+dfsg-3+deb12u1 (bookworm)2024
CVE-2024-6485 [MEDIUM] CVE-2024-6485: twitter-bootstrap3 - A security vulnerability has been discovered in bootstrap that could enable Cros... A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribute, which would then be executed when the button's loading
debian
CVE-2019-8331MEDIUMCVSS 6.1fixed in twitter-bootstrap3 3.4.1+dfsg-1 (bookworm)2019
CVE-2019-8331 [MEDIUM] CVE-2019-8331: twitter-bootstrap3 - In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip... In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. Scope: local bookworm: resolved (fixed in 3.4.1+dfsg-1) bullseye: resolved (fixed in 3.4.1+dfsg-1) forky: resolved (fixed in 3.4.1+dfsg-1) sid: resolved (fixed in 3.4.1+dfsg-1) trixie: resolved (fixed in 3.4.1+dfsg-1)
debian
CVE-2018-20676MEDIUMCVSS 6.1fixed in twitter-bootstrap3 3.4.0+dfsg-1 (bookworm)2018
CVE-2018-20676 [MEDIUM] CVE-2018-20676: twitter-bootstrap3 - In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribut... In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. Scope: local bookworm: resolved (fixed in 3.4.0+dfsg-1) bullseye: resolved (fixed in 3.4.0+dfsg-1) forky: resolved (fixed in 3.4.0+dfsg-1) sid: resolved (fixed in 3.4.0+dfsg-1) trixie: resolved (fixed in 3.4.0+dfsg-1)
debian
CVE-2018-20677MEDIUMCVSS 6.1fixed in twitter-bootstrap3 3.4.0+dfsg-1 (bookworm)2018
CVE-2018-20677 [MEDIUM] CVE-2018-20677: twitter-bootstrap3 - In Bootstrap before 3.4.0, XSS is possible in the affix configuration target pro... In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. Scope: local bookworm: resolved (fixed in 3.4.0+dfsg-1) bullseye: resolved (fixed in 3.4.0+dfsg-1) forky: resolved (fixed in 3.4.0+dfsg-1) sid: resolved (fixed in 3.4.0+dfsg-1) trixie: resolved (fixed in 3.4.0+dfsg-1)
debian
CVE-2018-14040LOWCVSS 6.1fixed in twitter-bootstrap3 3.4.0+dfsg-1 (bookworm)2018
CVE-2018-14040 [MEDIUM] CVE-2018-14040: twitter-bootstrap3 - In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute... In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. Scope: local bookworm: resolved (fixed in 3.4.0+dfsg-1) bullseye: resolved (fixed in 3.4.0+dfsg-1) forky: resolved (fixed in 3.4.0+dfsg-1) sid: resolved (fixed in 3.4.0+dfsg-1) trixie: resolved (fixed in 3.4.0+dfsg-1)
debian
CVE-2018-14041LOWCVSS 6.12018
CVE-2018-14041 [MEDIUM] CVE-2018-14041: twitter-bootstrap3 - In Bootstrap before 4.1.2, XSS is possible in the data-target property of scroll... In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2018-14042LOWCVSS 6.1fixed in twitter-bootstrap3 3.4.0+dfsg-1 (bookworm)2018
CVE-2018-14042 [MEDIUM] CVE-2018-14042: twitter-bootstrap3 - In Bootstrap before 4.1.2, XSS is possible in the data-container property of too... In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. Scope: local bookworm: resolved (fixed in 3.4.0+dfsg-1) bullseye: resolved (fixed in 3.4.0+dfsg-1) forky: resolved (fixed in 3.4.0+dfsg-1) sid: resolved (fixed in 3.4.0+dfsg-1) trixie: resolved (fixed in 3.4.0+dfsg-1)
debian
CVE-2016-10735MEDIUMCVSS 6.1fixed in twitter-bootstrap3 3.4.0+dfsg-1 (bookworm)2016
CVE-2016-10735 [MEDIUM] CVE-2016-10735: twitter-bootstrap3 - In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible ... In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. Scope: local bookworm: resolved (fixed in 3.4.0+dfsg-1) bullseye: resolved (fixed in 3.4.0+dfsg-1) forky: resolved (fixed in 3.4.0+dfsg-1) sid: resolved (fixed in 3.4.0+dfsg-1) trixie: resolved (fix
debian