See on RubyGems

bootstrap-sass 1.3.1

4 security vulnerabilities found in version 1.3.1

XSS vulnerability in bootstrap-sass

medium severity CVE-2019-8331
medium severity CVE-2019-8331
Patched versions: >= 3.4.1

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

bootstrap Cross-site Scripting vulnerability

medium severity CVE-2018-20677
medium severity CVE-2018-20677
Patched versions: >= 3.4.0

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

XSS vulnerability that affects bootstrap

medium severity CVE-2018-20676
medium severity CVE-2018-20676
Patched versions: >= 3.4.0

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

XSS vulnerability via data-target in bootstrap-sass

medium severity CVE-2016-10735
medium severity CVE-2016-10735
Patched versions: >= 3.4.0

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute.

No officially reported memory leakage issues detected.

This gem version does not have any officially reported memory leaked issues.

Gem version without a license.

Unless a license that specifies otherwise is included, nobody can use, copy, distribute, or modify this library without being at risk of take-downs, shake-downs, or litigation.

This gem version is available.

This gem version has not been yanked and is still available for usage.