Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/bootstrap.sass@5.0.0-alpha1
Typenuget
Namespace
Namebootstrap.sass
Version5.0.0-alpha1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.0.0
Latest_non_vulnerable_version5.0.0
Affected_by_vulnerabilities
0
url VCID-dz2e-hf4q-hfh2
vulnerability_id VCID-dz2e-hf4q-hfh2
summary 
Bootstrap Cross-Site Scripting (XSS) vulnerability
A vulnerability has been identified in Bootstrap that exposes users
to Cross-Site Scripting (XSS) attacks. The issue is present in the
carousel component, where the data-slide and data-slide-to attributes
can be exploited through the href attribute of an <a> tag due to
inadequate sanitization. This vulnerability could potentially enable
attackers to execute arbitrary JavaScript within the victim's browser.
references
0
reference_url https://github.com/advisories/GHSA-vc8w-jr9v-vj7f
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vc8w-jr9v-vj7f
1
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
2
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00021.html
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00021.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6531
reference_id CVE-2024-6531
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6531
4
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-6531
reference_id CVE-2024-6531
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2024-6531
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2024-6531.yml
reference_id CVE-2024-6531.YML
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2024-6531.yml
6
reference_url https://usn.ubuntu.com/7556-1/
reference_id USN-7556-1
reference_type
scores
url https://usn.ubuntu.com/7556-1/
fixed_packages
0
url pkg:nuget/bootstrap.sass@5.0.0
purl pkg:nuget/bootstrap.sass@5.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap.sass@5.0.0
aliases CVE-2024-6531, GHSA-vc8w-jr9v-vj7f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dz2e-hf4q-hfh2
Fixing_vulnerabilities
0
url VCID-dz2e-hf4q-hfh2
vulnerability_id VCID-dz2e-hf4q-hfh2
summary 
Bootstrap Cross-Site Scripting (XSS) vulnerability
A vulnerability has been identified in Bootstrap that exposes users
to Cross-Site Scripting (XSS) attacks. The issue is present in the
carousel component, where the data-slide and data-slide-to attributes
can be exploited through the href attribute of an <a> tag due to
inadequate sanitization. This vulnerability could potentially enable
attackers to execute arbitrary JavaScript within the victim's browser.
references
0
reference_url https://github.com/advisories/GHSA-vc8w-jr9v-vj7f
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vc8w-jr9v-vj7f
1
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
2
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00021.html
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00021.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6531
reference_id CVE-2024-6531
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6531
4
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-6531
reference_id CVE-2024-6531
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2024-6531
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2024-6531.yml
reference_id CVE-2024-6531.YML
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2024-6531.yml
6
reference_url https://usn.ubuntu.com/7556-1/
reference_id USN-7556-1
reference_type
scores
url https://usn.ubuntu.com/7556-1/
fixed_packages
0
url pkg:nuget/bootstrap.sass@5.0.0-alpha1
purl pkg:nuget/bootstrap.sass@5.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dz2e-hf4q-hfh2
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap.sass@5.0.0-alpha1
1
url pkg:nuget/bootstrap.sass@5.0.0
purl pkg:nuget/bootstrap.sass@5.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap.sass@5.0.0
aliases CVE-2024-6531, GHSA-vc8w-jr9v-vj7f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dz2e-hf4q-hfh2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/bootstrap.sass@5.0.0-alpha1