ELA-1392-1 twitter-bootstrap4 security update

XSS vulnerability

2025-04-14
Package: twitter-bootstrap4
Version: 4.3.1+dfsg2-1+deb10u1 (buster)
Related CVEs: CVE-2024-6531


Bootstrap (formerly Twitter Bootstrap), a free and open-source CSS framework, was affected by an XSS vulnerability in the carousel component.

If you use Bootstrap through a module bundler, you may need to rebuild your application.



For Debian 10 buster, this problem has been fixed in version 4.3.1+dfsg2-1+deb10u1.

We recommend that you upgrade your twitter-bootstrap4 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.