Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

bootstrap

Ecosystem:
npm
Package URL:
pkg:npm/bootstrap
Total PRs:
3,493 Dependabot PRs
Latest PR:
about 7 hours ago
Unique Repositories:
1,824 repositories
Unique Repos (30 days):
744 repositories
Security Advisories
XSS vulnerability that affects bootstrap
GHSA-3mgp-fx93-9xv5 CVE-2018-20676 MODERATE published over 6 years ago • updated 28 days ago
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Bootstrap Cross-site Scripting vulnerability
GHSA-4p24-vmcr-4gqj CVE-2016-10735 MODERATE published over 6 years ago • updated about 1 month ago
In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a d...
Bootstrap Vulnerable to Cross-Site Scripting
GHSA-9v3m-8fp8-mj99 CVE-2019-8331 MODERATE published over 6 years ago • updated about 1 month ago
Versions of `bootstrap` prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting (XSS). The `data-template` attribute of th...
bootstrap Cross-site Scripting vulnerability
GHSA-ph58-4vrj-w6hr CVE-2018-20677 MODERATE published over 6 years ago • updated about 1 month ago
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Moderate severity vulnerability that affects bootstrap and bootstrap-sass
GHSA-wh77-3x4m-4q9g CVE-2019-8331 MODERATE published over 6 years ago • updated 3 months ago
In Bootstrap 4 before 4.3.1 and Bootstrap 3 before 3.4.1, XSS is possible in the tooltip or popover data-template attribute. For more information, ...
View all 11 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump the all-ui-deps group across 1 directory with 46 updates

craftercms/studio-ui #4631

5.3.7 → 5.3.8 Patch PR
Open about 9 hours ago
craftercms
build(deps): update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

DawnNine/DawnNine.github.io #2

^5.3.6 → ^5.3.8 Patch PR
Open about 24 hours ago
DawnNine
Update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

jtlizzz/jtlizzz.github.io #2

^5.3.6 → ^5.3.8 Patch PR
Open 1 day ago
jtlizzz
Update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

M200is/m200is.github.io #2

^5.3.6 → ^5.3.8 Patch PR
Open 1 day ago
M200is
Bump the js-production-dependencies group across 1 directory with 44 updates

texpert/rails_6_rss_reader #5174

5.3.7 → 5.3.8 Patch PR
Open 1 day ago
texpert
build(deps): bump the npm group across 1 directory with 15 updates

sbomify/sbomify #253

5.3.7 → 5.3.8 Patch PR
Open 2 days ago
sbomify
Bump bootstrap from 5.3.7 to 5.3.8 in /ui/main

opfab/operatorfabric-core #8839

5.3.7 → 5.3.8 Patch PR
Open 2 days ago
opfab
chore(deps-dev): bump bootstrap from 5.3.7 to 5.3.8

dlawjd65/Backoffice #10

5.3.7 → 5.3.8 Patch PR
Open 2 days ago
dlawjd65
Bump the all-ui-deps group across 1 directory with 47 updates

craftercms/studio-ui #4628

5.3.7 → 5.3.8 Patch PR
Open 2 days ago
craftercms
Bump the js-production-dependencies group across 1 directory with 42 updates

texpert/rails_6_rss_reader #5172

5.3.7 → 5.3.8 Patch PR
Closed 2 days ago 1 comment
texpert
build(deps): update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

bobo-bc/bobo-bc.github.io #2

^5.3.6 → ^5.3.8 Patch PR
Closed 3 days ago
bobo-bc
build(deps): update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

Scyl14/blog #2

^5.3.6 → ^5.3.8 Patch PR
Open 3 days ago 1 comment
Scyl14
Bump the js-production-dependencies group across 1 directory with 40 updates

texpert/rails_6_rss_reader #5169

5.3.7 → 5.3.8 Patch PR
Closed 3 days ago 1 comment
texpert
Bump the all-ui-deps group across 1 directory with 72 updates

phuongnq/studio-ui #70

5.3.6 → 5.3.8 Patch PR
Open 3 days ago
phuongnq
Bump the all-ui-deps group across 1 directory with 46 updates

craftercms/studio-ui #4625

5.3.7 → 5.3.8 Patch PR
Open 3 days ago
craftercms
Update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

jminrangnews/jminrangnews.github.io #2

^5.3.6 → ^5.3.8 Patch PR
Open 3 days ago
jminrangnews
Bump the prod-dependencies group in /src/Asm.MooBank.Web.App with 12 updates

AndrewMcLachlan/MooBank #553

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
AndrewMcLachlan
Bump bootstrap from 5.3.7 to 5.3.8

DSpace/dspace-angular #4689

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
DSpace
Bump bootstrap from 5.3.7 to 5.3.8

canterbury-air-patrol/scenario-weighting-worksheet #362

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
canterbury-air-patrol
Bump bootstrap from 5.3.7 to 5.3.8

DSpace/dspace-angular #4682

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
DSpace
Bump bootstrap from 5.3.7 to 5.3.8 in /src/frontend

Hariraghav2003/MERN-CRUD-APP #47

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
Hariraghav2003
npm(deps): bump bootstrap from 5.3.7 to 5.3.8 in /frontend

Nocfer1/frontendConsulMedic #11

5.3.7 → 5.3.8 Patch PR
Open 4 days ago 1 comment
Nocfer1
Bump bootstrap from 5.3.7 to 5.3.8

canterbury-air-patrol/sar-search-runner #236

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
canterbury-air-patrol
Bump bootstrap from 5.3.7 to 5.3.8

mcliff1/jonessite #171

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
mcliff1
Bump bootstrap from 5.3.6 to 5.3.8

CGAL/cgal-web #72

5.3.6 → 5.3.8 Patch PR
Open 4 days ago
CGAL
Bump the npm group in /Web with 6 updates

cooljeanius/Imgbot #293

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
cooljeanius
Bump bootstrap from 5.3.7 to 5.3.8

nathandeflavis/react_budget_app #49

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
nathandeflavis
chore(deps): bump bootstrap from 5.3.7 to 5.3.8

takanotume24/Cuuri #343

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
takanotume24
:arrow_up: upgrade: Bump bootstrap from 5.3.7 to 5.3.8

Stenstromen/axfr-frontend #59

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
Stenstromen
build(deps): bump the minor group across 1 directory with 6 updates

algirdasc/expensave #296

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
algirdasc
Bump bootstrap from 5.3.2 to 5.3.8

jamie-taylor-rjj/Recruitment-Glossary #325

5.3.2 → 5.3.8 Patch PR
Open 4 days ago 1 comment
jamie-taylor-rjj
npm-dev(deps-dev): Bump bootstrap from 5.3.7 to 5.3.8

jchoquecota-sys/biodiversity-management #5

5.3.7 → 5.3.8 Patch PR
Open 4 days ago 1 comment
jchoquecota-sys
deps(deps): bump bootstrap from 5.3.7 to 5.3.8 in /website

AppOutlet/GetDisCorkie #57

5.3.7 → 5.3.8 Patch PR
Open 4 days ago 1 comment
AppOutlet
Update bootstrap requirement from ^5.3.7 to ^5.3.8 in the prod-deps group

hxxdev/hxxdev.github.io #20

^5.3.7 → ^5.3.8 Patch PR
Merged 4 days ago
hxxdev
build(deps): bump the minor-and-patch group with 3 updates

gyrinx-app/gyrinx #958

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago 1 comment
gyrinx-app
Bump bootstrap from 5.3.6 to 5.3.8

Kev-BB/LogosSphere #32

5.3.6 → 5.3.8 Patch PR
Open 4 days ago 1 comment
Kev-BB
Bump the minor-patch group with 27 updates

composer/satis #1032

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
composer
Bump bootstrap from 5.3.7 to 5.3.8

WWBN/AVideo #10180

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
WWBN
chore(deps):(deps): bump bootstrap from 5.3.7 to 5.3.8

jcorrius/jcorrius.github.io #41

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
jcorrius
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

ghas-labs-2025-08-27-brianc-ghas-labs/mona-gallery #7

5.3.1 → 5.3.8 Patch PR
Open 4 days ago 1 comment
ghas-labs-2025-08-27-brianc-ghas-labs
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

advanced-security-trainings/mona-demo #45

5.3.1 → 5.3.8 Patch PR
Open 4 days ago 1 comment
advanced-security-trainings
chore(deps): bump bootstrap from 5.3.7 to 5.3.8 in /client

sloweyyy/cloud-native-ecommerce-platform #71

5.3.7 → 5.3.8 Patch PR
Open 4 days ago 1 comment
sloweyyy
chore(deps): update bootstrap requirement from ^5.3.7 to ^5.3.8 in the prod-deps group

jisoo0609/jisoo0609.github.io #8

^5.3.7 → ^5.3.8 Patch PR
Open 4 days ago
jisoo0609
build(deps): bump the production-dependencies group across 1 directory with 3 updates

eclipse-tractusx/portal-frontend-registration #420

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
eclipse-tractusx
Bump bootstrap from 5.3.7 to 5.3.8

Niema-Lab/ViralWasm-Consensus #209

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
Niema-Lab
build(deps): bump bootstrap from 5.3.3 to 5.3.8

felipelssilva/felipeluis.github.io #417

5.3.3 → 5.3.8 Patch PR
Open 4 days ago
felipelssilva
Bump bootstrap from 5.3.7 to 5.3.8 in /src

melvyndekort/mdekort-nl #121

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
melvyndekort
build(deps-dev): bump bootstrap from 5.3.7 to 5.3.8

1995parham-teaching/ie-lecture #113

5.3.7 → 5.3.8 Patch PR
Open 4 days ago 1 comment
1995parham-teaching
build(deps): bump bootstrap from 5.3.7 to 5.3.8

canterbury-air-patrol/search-management-map #717

5.3.7 → 5.3.8 Patch PR
Open 4 days ago
canterbury-air-patrol
Bump the dependencies group with 17 updates

aditya-arcot/Poetry-for-Neanderthals #9

5.3.7 → 5.3.8 Patch PR
Merged 4 days ago
aditya-arcot
Package Details
Name: bootstrap
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/bootstrap
JSON API: View JSON
Security Advisories

11

Active advisories
MODERATE 11
View All npm Advisories
Package Information
Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

Repository: https://github.com/twbs/bootstrap
Homepage: https://getbootstrap.com/
Latest Release: 5.3.6
4 months ago
Dependent Repos: 874,564
Dependent Packages: 17,952
Downloads: 20,752,506
Ranking: Top 0.0383% by dependent repos Top 0.0595% by downloads Top 0.0059% by dependent pkgs
PR Status
Open 1,673 (47.9%)
Merged 718 (20.6%)
Closed 719 (20.6%)
PR Types
Major 658 (18.8%)
Patch 2,196 (62.9%)
Minor 256 (7.3%)