Information on source package ruby-sidekiq

Available versions

ReleaseVersion
jessie3.2.6~dfsg-1
stretch4.2.3+dfsg-1+deb9u1
buster5.2.3+dfsg-1+deb10u1
bullseye6.0.4+dfsg-2
bookworm6.4.1+dfsg-1
trixie7.3.2+dfsg-1
sid7.3.2+dfsg-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
TEMP-0000000-F9A459vulnerable (no DSA)fixedfixedfixedfixedfixedfixedXSS via job arguments display class in Sidekiq::Web
TEMP-0000000-BD209Fvulnerable (no DSA)fixedfixedfixedfixedfixedfixedXSS via queue name in Sidekiq::Web
TEMP-0000000-23C1BDvulnerable (no DSA)fixedfixedfixedfixedfixedfixedSidekiq::Web lacks CSRF protection
CVE-2024-32887vulnerablevulnerablefixedfixedfixedfixedfixedSidekiq is simple, efficient background processing for Ruby. Sidekiq i ...
CVE-2023-26141vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedVersions of the package sidekiq before 7.1.3 are vulnerable to Denial ...
CVE-2022-23837vulnerablefixedfixedvulnerable (no DSA)fixedfixedfixedIn api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the ...
CVE-2021-30151vulnerablefixedfixedvulnerable (no DSA)fixedfixedfixedSidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue n ...

Resolved issues

BugDescription
CVE-2023-1892Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/si ...

Security announcements

DSA / DLADescription
DLA-3360-1ruby-sidekiq - security update
DLA-2943-1ruby-sidekiq - security update

Search for package or bug name: Reporting problems