Search for packages
Package details: pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1
purl pkg:deb/debian/twitter-bootstrap4@4.5.2%2Bdfsg1-8~deb11u1
Next non-vulnerable version 4.6.1+dfsg1-4
Latest non-vulnerable version 4.6.1+dfsg1-4
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-qceg-ajt8-jfct
Aliases:
CVE-2024-6531
GHSA-vc8w-jr9v-vj7f
Bootstrap Cross-Site Scripting (XSS) vulnerability A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.
4.6.1+dfsg1-4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-02T02:33:14.967365+00:00 Debian Oval Importer Affected by VCID-qceg-ajt8-jfct https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3