| Package | twitter-bootstrap3 |
|---|---|
| Version | 3.3.7+dfsg-2+deb9u3~deb8u1 (jessie) |
| Related CVEs | CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2024-6484 CVE-2024-6485 |
Bootstrap (formerly Twitter Bootstrap), a free and open-source CSS framework, was affected by multiple XSS vulnerabilities.
If you use bootstrap through a module bundler, you may need to rebuild your application.
For Debian 8 jessie, these problems have been fixed in version 3.3.7+dfsg-2+deb9u3~deb8u1.
We recommend that you upgrade your twitter-bootstrap3 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.