Skip to content

Commit 0af08a0

Browse files
reedlodenreedloden
committed
Add CVE-2019-8331 for bootstrap
1 parent a4b1ed8 commit 0af08a0

File tree

1 file changed

+20
-0
lines changed

1 file changed

+20
-0
lines changed

gems/bootstrap/CVE-2019-8331.yml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
---
2+
gem: bootstrap
3+
cve: 2019-8331
4+
url: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/
5+
title: XSS vulnerability in bootstrap
6+
date: 2019-02-15
7+
8+
description: |
9+
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible
10+
in the tooltip or popover data-template attribute.
11+
12+
cvss_v2: 4.3
13+
cvss_v3: 6.1
14+
15+
patched_versions:
16+
- '>= 4.3.1'
17+
18+
related:
19+
url:
20+
- https://github.com/twbs/bootstrap-rubygem/releases/tag/v4.3.1

0 commit comments

Comments
 (0)