CVE-2018-20676

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2018-20676

Severity

Unknown

Description

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

References

https://images.chainguard.dev/security/CGA-c74j-g9qp-p3wv
https://github.com/advisories/GHSA-3mgp-fx93-9xv5
https://images.chainguard.dev/security/CGA-5jch-fp33-mj33
https://images.chainguard.dev/security/CGA-xr63-fpx9-r2j8
https://images.chainguard.dev/security/CGA-2v5w-652p-fqvg
https://images.chainguard.dev/security/CGA-whxc-72j7-92xx
https://images.chainguard.dev/security/CGA-999j-724c-xf7v
https://images.chainguard.dev/security/CGA-87w5-643p-f6vg
https://images.chainguard.dev/security/CGA-2jw3-pr2x-28j4
https://images.chainguard.dev/security/CGA-q24g-96rc-jqfh
https://images.chainguard.dev/security/CGA-r7mj-6j86-v4fx
https://images.chainguard.dev/security/CGA-4xc5-fpx3-q2jx
https://images.chainguard.dev/security/CGA-hvgv-fmxc-jpj8
https://images.chainguard.dev/security/CGA-xjrm-cxm3-v389
https://images.chainguard.dev/security/CGA-3rgj-ghpf-65m2
https://images.chainguard.dev/security/CGA-hgmf-5x7h-qxhw
https://access.redhat.com/errata/RHBA-2019:1076
https://access.redhat.com/errata/RHBA-2019:1570
https://access.redhat.com/errata/RHSA-2019:1456
https://access.redhat.com/errata/RHSA-2019:3023
https://access.redhat.com/errata/RHSA-2020:0132
https://access.redhat.com/errata/RHSA-2020:0133
https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
https://github.com/twbs/bootstrap/pull/27047
https://github.com/twbs/bootstrap/issues/27044
https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906
https://github.com/twbs/bootstrap/issues/27915#issuecomment-452196628
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
https://www.tenable.com/security/tns-2021-14
https://security-tracker.debian.org/tracker/CVE-2018-20676

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2018-20676

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources