Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 result


CVE-2019-10842

Medium priority
Not affected

Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed...

3 affected packages

compass-bootstrap-sass-plugin, node-bootstrap-sass, ruby-bootstrap-sass

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
compass-bootstrap-sass-plugin Not in release Not in release
node-bootstrap-sass Not affected Not in release
ruby-bootstrap-sass Not affected Not affected
Show less packages