Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

bootstrap

Ecosystem:
npm
Package URL:
pkg:npm/bootstrap
Total PRs:
4,080 Dependabot PRs
Latest PR:
3 days ago
Unique Repositories:
2,145 repositories
Unique Repos (30 days):
11 repositories
Security Advisories
Bootstrap Vulnerable to Cross-Site Scripting
GHSA-9v3m-8fp8-mj99 CVE-2019-8331 MODERATE published almost 7 years ago • updated about 12 hours ago
Versions of `bootstrap` prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting (XSS). The `data-template` attribute of th...
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
GHSA-q58r-hwc8-rm9j CVE-2025-1647 MODERATE published 9 months ago • updated 1 day ago
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting ...
Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes
GHSA-vxmc-5x29-h64v CVE-2024-6485 MODERATE published over 1 year ago • updated 3 days ago
A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated wit...
Moderate severity vulnerability that affects bootstrap and bootstrap-sass
GHSA-wh77-3x4m-4q9g CVE-2019-8331 MODERATE published almost 7 years ago • updated 2 days ago
In Bootstrap 4 before 4.3.1 and Bootstrap 3 before 3.4.1, XSS is possible in the tooltip or popover data-template attribute. For more information, ...
Bootstrap Cross-site Scripting vulnerability
GHSA-7mvr-5x2g-wfc8 CVE-2018-14042 MODERATE published over 7 years ago • updated 1 day ago
In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is s...
View all 10 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4754

5.3.7 → 5.3.8 Patch PR
Open 7 days ago 1 comment
craftercms
Bump the npm-dependencies group across 1 directory with 27 updates

SamYuan1990/Probe #270

5.3.3 → 5.3.8 Patch PR
Closed 11 days ago 1 comment
SamYuan1990
build(deps): bump the minor-and-patch group across 1 directory with 11 updates

CircuitVerse/CircuitVerse #6549

5.3.3 → 5.3.8 Patch PR
Open 23 days ago 3 comments
CircuitVerse
Bump bootstrap from 5.3.6 to 5.3.8

manyfold3d/manyfold #5207

5.3.6 → 5.3.8 Patch PR
Open about 1 month ago 2 comments
manyfold3d
chore(deps): bump bootstrap from 5.3.3 to 5.3.8 in the production-dependencies group

mpbarbosa/monitora_vagas #14

5.3.3 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
mpbarbosa
fix(deps): bump the minorandpatch group across 1 directory with 10 updates

KohlbacherLab/homepage #249

5.3.5 → 5.3.8 Patch PR
Open about 1 month ago 1 comment
KohlbacherLab
Bump the development-dependencies group across 1 directory with 10 updates

gifhuppp/icons #159

5.3.7 → 5.3.8 Patch PR
Closed about 2 months ago 1 comment
gifhuppp
NPM-dependencies: Bump the npm-updates group across 3 directories with 16 updates

Harvester57/keysas #22

5.3.5 → 5.3.8 Patch PR
Closed about 2 months ago 1 comment
Harvester57
fix(deps): bump the minorandpatch group with 35 updates

authup/authup #2751

5.3.7 → 5.3.8 Patch PR
Closed 2 months ago 3 comments
authup
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

qqwayne/mona-demo-20251125 #4

5.3.1 → 5.3.8 Patch PR
Open 2 months ago 1 comment
qqwayne
Bump the all-updates group across 1 directory with 22 updates

brandonladen/My_Digital_Portfolio #16

5.3.6 → 5.3.8 Patch PR
Open 2 months ago 1 comment
brandonladen
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

im-sandbox-williamtinfomagnus/mona-demo #1

5.3.1 → 5.3.8 Patch PR
Open 3 months ago 2 comments
im-sandbox-williamtinfomagnus
build(deps): bump bootstrap from 5.3.3 to 5.3.8

Lucs1590/Personal_Site #574

5.3.3 → 5.3.8 Patch PR
Open 3 months ago 2 comments
Lucs1590
Bump bootstrap from 5.3.7 to 5.3.8

aserto-dev/topaz-console #115

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 1 comment
aserto-dev
Bump bootstrap from 5.3.3 to 5.3.8

Gaurav-vats-12/finance_manager #197

5.3.3 → 5.3.8 Patch PR
Open 3 months ago 2 comments
Gaurav-vats-12
Bump the all-ui-deps group across 1 directory with 69 updates

craftercms/studio-ui #4699

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 1 comment
craftercms
Bump the all-ui-deps group across 1 directory with 68 updates

craftercms/studio-ui #4695

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 1 comment
craftercms
Bump bootstrap from 5.3.7 to 5.3.8

JonnyIvan24/admin-lte-2025B #7

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 2 comments
JonnyIvan24
Bump the sub-major group with 14 updates

PolicyEngine/policyengine-app #2793

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 1 comment
PolicyEngine
chore(deps-dev): bump the development-dependencies group across 1 directory with 32 updates

LouisBarranqueiro/reapop #582

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
LouisBarranqueiro
fix(deps): bump the minorandpatch group across 1 directory with 17 updates

tada5hi/vuecs #1458

5.3.5 → 5.3.8 Patch PR
Open 3 months ago 2 comments
tada5hi
fix(deps): bump the minorandpatch group across 1 directory with 17 updates

dnpm-dip/portal #1119

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
dnpm-dip
build(deps): bump the minor-and-patch group across 1 directory with 9 updates

CircuitVerse/CircuitVerse #6317

5.3.3 → 5.3.8 Patch PR
Closed 3 months ago 3 comments
CircuitVerse
chore(deps-dev): Bump the node-dependencies group across 1 directory with 13 updates

peasee/roll #62

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
peasee
chore(deps): bump bootstrap from 5.3.6 to 5.3.8 in /client

pandavolador/boxahe #3

5.3.6 → 5.3.8 Patch PR
Open 3 months ago 1 comment
pandavolador
Bump the all-ui-deps group across 1 directory with 65 updates

craftercms/studio-ui #4684

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 2 comments
craftercms
Bump the npm group across 1 directory with 8 updates

THE-BWC/opserv #238

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
THE-BWC
Bump the patch-updates group across 1 directory with 13 updates

afarago/blpy.attilafarago.hu #139

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 3 comments
afarago
Bump the patch-updates group across 1 directory with 12 updates

afarago/blpy.attilafarago.hu #137

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 4 comments
afarago
build(deps-dev): bump the minorandpatch group across 1 directory with 12 updates

dnpm-dip/portal #1114

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
dnpm-dip
Bump the js-production-dependencies group across 1 directory with 66 updates

texpert/rails_6_rss_reader #5239

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
texpert
chore(deps-dev): Bump the node-dependencies group across 1 directory with 12 updates

peasee/roll #61

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
peasee
build(deps): update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

KingBlackCow/KingBlackCow.github.io #2

^5.3.6 → ^5.3.8 Patch PR
Open 3 months ago 1 comment
KingBlackCow
Bump the patterns group across 1 directory with 29 updates

Metaller000/mongo-express #31

5.3.3 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
Metaller000
Bump the version-bumps group across 1 directory with 20 updates

warp-tech/warpgate #1531

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
warp-tech
fix(deps): bump the minorandpatch group across 1 directory with 16 updates

tada5hi/vuecs #1454

5.3.5 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
tada5hi
fix(deps): bump the minorandpatch group across 1 directory with 15 updates

tada5hi/vuecs #1453

5.3.5 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
tada5hi
build(deps): update bootstrap requirement from ^5.3.6 to ^5.3.8 in the prod-deps group

0xdk89/0xdk89.github.io #3

^5.3.6 → ^5.3.8 Patch PR
Merged 3 months ago
0xdk89
chore(deps)(deps-dev): bump bootstrap from 5.3.3 to 5.3.8

hrai/auto-capitalise-sentence #290

5.3.3 → 5.3.8 Patch PR
Open 3 months ago 1 comment
hrai
Bump the all-ui-deps group across 1 directory with 64 updates

craftercms/studio-ui #4678

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 2 comments
craftercms
Bump bootstrap from 5.3.7 to 5.3.8

wildan-se/smarthome #7

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 2 comments
wildan-se
Bump the all-updates group across 1 directory with 21 updates

brandonladen/My_Digital_Portfolio #14

5.3.6 → 5.3.8 Patch PR
Open 3 months ago
brandonladen
npm-frontend: bump the web-formio group in /sources/packages/web with 5 updates

bcgov/SIMS #5279

5.3.7 → 5.3.8 Patch PR
Open 3 months ago 2 comments
bcgov
Bump the js-production-dependencies group across 1 directory with 67 updates

texpert/rails_6_rss_reader #5228

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 2 comments
texpert
build(deps): bump bootstrap from 5.3.6 to 5.3.8

isaacm/casa #735

5.3.6 → 5.3.8 Patch PR
Open 3 months ago 1 comment
isaacm
Bump the js-production-dependencies group across 1 directory with 63 updates

texpert/rails_6_rss_reader #5215

5.3.7 → 5.3.8 Patch PR
Open 4 months ago
texpert
npm-frontend: bump the formio group across 1 directory with 5 updates

bcgov/SIMS #5260

5.3.7 → 5.3.8 Patch PR
Open 4 months ago
bcgov
npm-frontend: bump the formio group in /sources/packages/web with 3 updates

bcgov/SIMS #5248

5.3.7 → 5.3.8 Patch PR
Open 4 months ago 3 comments
bcgov
Bump bootstrap from 5.3.7 to 5.3.8

patroleum/dash #6

5.3.7 → 5.3.8 Patch PR
Open 4 months ago
patroleum
build(deps): bump the minor-and-patch group with 10 updates

gr455/CircuitVerse #205

5.3.3 → 5.3.8 Patch PR
Open 4 months ago 1 comment
gr455
Package Details
Name: bootstrap
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/bootstrap
JSON API: View JSON
Security Advisories

10

Active advisories
MODERATE 10
View All npm Advisories
Package Information
Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

Repository: https://github.com/twbs/bootstrap
Homepage: https://getbootstrap.com/
Latest Release: 5.3.6
9 months ago
Dependent Repos: 874,564
Dependent Packages: 17,952
Downloads: 20,752,506
Ranking: Top 0.0383% by dependent repos Top 0.0595% by downloads Top 0.0059% by dependent pkgs
PR Status
Open 1,996 (48.9%)
Merged 780 (19.1%)
Closed 920 (22.6%)
PR Types
Removal 2 (0.0%)
Minor 332 (8.1%)
Major 824 (20.2%)
Patch 2,536 (62.2%)