VulnerableCode Package Details - pkg:npm/bootstrap@0.0.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/bootstrap@0.0.2

Essentials
History (16)

purl	pkg:npm/bootstrap@0.0.2

Next non-vulnerable version	4.0.0-alpha.2
Latest non-vulnerable version	5.0.0
Risk	3.1

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-br4c-7x9j-g3f6 Aliases: CVE-2018-20676 GHSA-3mgp-fx93-9xv5	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the tooltip data-viewport attribute.	3.4.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hbwg-ebvx-k7e1 Aliases: CVE-2018-14040 GHSA-3wqf-4x89-9g79	Cross-site Scripting In Bootstrap, XSS is possible in the collapse data-parent attribute.	3.4.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.0.0-alpha.2 Affected by 0 other vulnerabilities. 4.1.2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hqne-7h6h-3ff8 Aliases: CVE-2018-20677 GHSA-ph58-4vrj-w6hr	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the affix configuration target property.	3.4.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vfsr-kypp-wbea Aliases: CVE-2018-14042 GHSA-7mvr-5x2g-wfc8	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') In Bootstrap, XSS is possible in the data-container property of tooltip.	3.4.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.0.0-alpha.2 Affected by 0 other vulnerabilities. 4.1.2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:51:09.261400+00:00	GitLab Importer	Affected by	VCID-hqne-7h6h-3ff8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20677.yml	38.4.0
2026-04-16T20:51:06.739062+00:00	GitLab Importer	Affected by	VCID-br4c-7x9j-g3f6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20676.yml	38.4.0
2026-04-16T20:46:20.592201+00:00	GitLab Importer	Affected by	VCID-hbwg-ebvx-k7e1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14040.yml	38.4.0
2026-04-16T20:46:20.375006+00:00	GitLab Importer	Affected by	VCID-vfsr-kypp-wbea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14042.yml	38.4.0
2026-04-11T22:01:52.354603+00:00	GitLab Importer	Affected by	VCID-hqne-7h6h-3ff8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20677.yml	38.3.0
2026-04-11T22:01:49.921973+00:00	GitLab Importer	Affected by	VCID-br4c-7x9j-g3f6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20676.yml	38.3.0
2026-04-11T21:57:07.293518+00:00	GitLab Importer	Affected by	VCID-hbwg-ebvx-k7e1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14040.yml	38.3.0
2026-04-11T21:57:07.056927+00:00	GitLab Importer	Affected by	VCID-vfsr-kypp-wbea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14042.yml	38.3.0
2026-04-02T22:14:53.531461+00:00	GitLab Importer	Affected by	VCID-hqne-7h6h-3ff8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20677.yml	38.1.0
2026-04-02T22:14:50.918888+00:00	GitLab Importer	Affected by	VCID-br4c-7x9j-g3f6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20676.yml	38.1.0
2026-04-02T22:10:30.146150+00:00	GitLab Importer	Affected by	VCID-hbwg-ebvx-k7e1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14040.yml	38.1.0
2026-04-02T22:10:29.926846+00:00	GitLab Importer	Affected by	VCID-vfsr-kypp-wbea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14042.yml	38.1.0
2026-04-01T16:32:25.528207+00:00	GitLab Importer	Affected by	VCID-hqne-7h6h-3ff8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20677.yml	38.0.0
2026-04-01T16:32:22.998731+00:00	GitLab Importer	Affected by	VCID-br4c-7x9j-g3f6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-20676.yml	38.0.0
2026-04-01T16:27:50.265949+00:00	GitLab Importer	Affected by	VCID-hbwg-ebvx-k7e1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14040.yml	38.0.0
2026-04-01T16:27:50.037740+00:00	GitLab Importer	Affected by	VCID-vfsr-kypp-wbea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/bootstrap/CVE-2018-14042.yml	38.0.0