Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
TEMP-0000000-F9A459 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | XSS via job arguments display class in Sidekiq::Web |
TEMP-0000000-BD209F | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | XSS via queue name in Sidekiq::Web |
TEMP-0000000-23C1BD | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Sidekiq::Web lacks CSRF protection |
CVE-2024-32887 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Sidekiq is simple, efficient background processing for Ruby. Sidekiq i ... |
CVE-2023-26141 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Versions of the package sidekiq before 7.1.3 are vulnerable to Denial ... |
CVE-2022-23837 | vulnerable | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the ... |
CVE-2021-30151 | vulnerable | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue n ... |