CVE-2024-6484

Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.

References

https://security-tracker.debian.org/tracker/CVE-2024-6484

Affected packages

Debian:11 / twitter-bootstrap3

Package

Name: twitter-bootstrap3
Purl: pkg:deb/debian/twitter-bootstrap3?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.1+dfsg-2+deb11u1

Affected versions

3.*

3.4.1+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / twitter-bootstrap3

Package

Name: twitter-bootstrap3
Purl: pkg:deb/debian/twitter-bootstrap3?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.1+dfsg-3+deb12u1

Affected versions

3.*

3.4.1+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / twitter-bootstrap3

Package

Name: twitter-bootstrap3
Purl: pkg:deb/debian/twitter-bootstrap3?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.1+dfsg-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/twbs/bootstrap

Affected ranges

Type: GIT
Repo: https://github.com/twbs/bootstrap
Events: Introduced

c068162161154a4b85110ea1e7dd3d7897ce2b72

Last affected

68b0d231a13201eb14acd3dc84e51543d16e5f7e

Affected versions

v3.*

v3.2.0

v3.3.0

v3.3.1

v3.3.2

v3.3.4

v3.3.5

v3.3.6

v3.3.7

v3.4.0

v3.4.1