Updated twitter-bootstrap-rails advisory (#1033)

jasnow · web-flow · commit d5ea971d6ef0 · 2026-05-14T11:14:02.000-04:00
* Updated twitter-bootstrap-rails advisory * Add new reference link for CVE-2019-8331 https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1
diff --git a/gems/twitter-bootstrap-rails/CVE-2019-8331.yml b/gems/twitter-bootstrap-rails/CVE-2019-8331.yml
@@ -2,7 +2,7 @@
 gem: twitter-bootstrap-rails
 cve: 2019-8331
 ghsa: 9v3m-8fp8-mj99
-url: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/
+url: https://github.com/advisories/GHSA-9v3m-8fp8-mj99
 title: twitter-bootstrap-rails vulnerable to Cross-Site Scripting (XSS)
 date: 2019-02-15
 description: |
@@ -23,6 +23,13 @@ description: |
 
 cvss_v2: 4.3
 cvss_v3: 6.1
+patched_versions:
+  - ">= 5.3.0"
 related:
   url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-8331
+    - https://github.com/seyhunak/twitter-bootstrap-rails/releases/tag/v5.3.0
+    - https://github.com/seyhunak/twitter-bootstrap-rails/commit/ec8d08af20fa3abe9852f51f7e1258fc40b39a44
     - https://github.com/twbs/bootstrap-sass/releases/tag/v3.4.1
+    - https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1
+    - https://github.com/advisories/GHSA-9v3m-8fp8-mj99
