Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/bootstrap@4.1.2
Typenuget
Namespace
Namebootstrap
Version4.1.2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.4.0
Latest_non_vulnerable_version4.3.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3h7c-7tz9-mqeq
vulnerability_id VCID-3h7c-7tz9-mqeq
summary 
Cross-site Scripting
In Bootstrap, XSS is possible in the collapse data-parent attribute.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14040
reference_id
reference_type
scores
0
value 0.01926
scoring_system epss
scoring_elements 0.83677
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14040
1
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
2
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
reference_id
reference_type
scores
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
3
reference_url https://github.com/twbs/bootstrap/blob/v3.4.1/js/collapse.js#L140
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/blob/v3.4.1/js/collapse.js#L140
4
reference_url https://github.com/twbs/bootstrap/blob/v3.4.1/js/scrollspy.js#L56
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/blob/v3.4.1/js/scrollspy.js#L56
5
reference_url https://github.com/twbs/bootstrap/blob/v3.4.1/js/tooltip.js#L352
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/blob/v3.4.1/js/tooltip.js#L352
6
reference_url https://github.com/twbs/bootstrap/commit/149096016f70fd815540d62c0989fd99cdc809e0
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/commit/149096016f70fd815540d62c0989fd99cdc809e0
7
reference_url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
8
reference_url https://github.com/twbs/bootstrap/issues/26423
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26423
9
reference_url https://github.com/twbs/bootstrap/issues/26625
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26625
10
reference_url https://github.com/twbs/bootstrap/pull/26630
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/pull/26630
11
reference_url https://github.com/twbs/bootstrap-rubygem/commit/f34c43c936ac7d0ebb129289321d8c51cd56aed1#diff-4e736e880b7fc39eb5e85576b629f6e3cd08f02f45104a7b4581f82852e97a81R1306
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap-rubygem/commit/f34c43c936ac7d0ebb129289321d8c51cd56aed1#diff-4e736e880b7fc39eb5e85576b629f6e3cd08f02f45104a7b4581f82852e97a81R1306
12
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
18
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00027.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/08/msg00027.html
19
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/May/18
20
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
21
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2021-14
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14040
reference_id CVE-2018-14040
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14040
23
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14040.yml
reference_id CVE-2018-14040.YML
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14040.yml
24
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14040.yml
reference_id CVE-2018-14040.YML
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14040.yml
25
reference_url https://github.com/advisories/GHSA-3wqf-4x89-9g79
reference_id GHSA-3wqf-4x89-9g79
reference_type
scores
url https://github.com/advisories/GHSA-3wqf-4x89-9g79
fixed_packages
0
url pkg:nuget/bootstrap@3.4.0
purl pkg:nuget/bootstrap@3.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap@3.4.0
1
url pkg:nuget/bootstrap@4.1.2
purl pkg:nuget/bootstrap@4.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap@4.1.2
aliases CVE-2018-14040, GHSA-3wqf-4x89-9g79
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3h7c-7tz9-mqeq
1
url VCID-n15b-85zy-2yhm
vulnerability_id VCID-n15b-85zy-2yhm
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-container property of tooltip.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14042
reference_id
reference_type
scores
0
value 0.02281
scoring_system epss
scoring_elements 0.84951
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14042
1
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
2
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
reference_id
reference_type
scores
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
3
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap
4
reference_url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d
5
reference_url https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0
6
reference_url https://github.com/twbs/bootstrap/issues/26423
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26423
7
reference_url https://github.com/twbs/bootstrap/issues/26428
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26428
8
reference_url https://github.com/twbs/bootstrap/issues/26628
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26628
9
reference_url https://github.com/twbs/bootstrap/pull/26630
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/pull/26630
10
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
16
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/May/18
17
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
18
reference_url https://www.tenable.com/security/tns-2021-14
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2021-14
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14042
reference_id CVE-2018-14042
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14042
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14042.yml
reference_id CVE-2018-14042.YML
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14042.yml
21
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14042.yml
reference_id CVE-2018-14042.YML
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14042.yml
22
reference_url https://github.com/advisories/GHSA-7mvr-5x2g-wfc8
reference_id GHSA-7mvr-5x2g-wfc8
reference_type
scores
url https://github.com/advisories/GHSA-7mvr-5x2g-wfc8
fixed_packages
0
url pkg:nuget/bootstrap@3.4.0
purl pkg:nuget/bootstrap@3.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap@3.4.0
1
url pkg:nuget/bootstrap@4.1.2
purl pkg:nuget/bootstrap@4.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap@4.1.2
aliases CVE-2018-14042, GHSA-7mvr-5x2g-wfc8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n15b-85zy-2yhm
2
url VCID-qxqn-abw1-3qfc
vulnerability_id VCID-qxqn-abw1-3qfc
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-target property of scrollspy.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:1456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1456
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14041
reference_id
reference_type
scores
0
value 0.07917
scoring_system epss
scoring_elements 0.92163
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14041
2
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
3
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap
4
reference_url https://github.com/twbs/bootstrap/issues/26423
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26423
5
reference_url https://github.com/twbs/bootstrap/issues/26627
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/issues/26627
6
reference_url https://github.com/twbs/bootstrap/pull/26630
reference_id
reference_type
scores
url https://github.com/twbs/bootstrap/pull/26630
7
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
12
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/May/18
13
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-006
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-006
14
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14041
reference_id CVE-2018-14041
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14041
16
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml
reference_id CVE-2018-14041.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml
17
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml
reference_id CVE-2018-14041.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml
18
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml
reference_id CVE-2018-14041.YML
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml
19
reference_url https://github.com/advisories/GHSA-pj7m-g53m-7638
reference_id GHSA-pj7m-g53m-7638
reference_type
scores
url https://github.com/advisories/GHSA-pj7m-g53m-7638
fixed_packages
0
url pkg:nuget/bootstrap@4.1.2
purl pkg:nuget/bootstrap@4.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap@4.1.2
aliases CVE-2018-14041, GHSA-pj7m-g53m-7638
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxqn-abw1-3qfc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap@4.1.2