Information on source package ruby-sidekiq

Available versions

ReleaseVersion
buster5.2.3+dfsg-1
buster (security)5.2.3+dfsg-1+deb10u1
bullseye6.0.4+dfsg-2
bookworm6.4.1+dfsg-1
trixie6.5.12+dfsg-1
sid6.5.12+dfsg-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-26141vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableVersions of the package sidekiq before 7.1.3 are vulnerable to Denial ...
CVE-2022-23837fixedvulnerable (no DSA)fixedfixedfixedIn api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the ...
CVE-2021-30151fixedvulnerable (no DSA)fixedfixedfixedSidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue n ...

Resolved issues

BugDescription
TEMP-0000000-F9A459XSS via job arguments display class in Sidekiq::Web
TEMP-0000000-BD209FXSS via queue name in Sidekiq::Web
TEMP-0000000-23C1BDSidekiq::Web lacks CSRF protection
CVE-2024-32887Sidekiq is simple, efficient background processing for Ruby. Sidekiq i ...
CVE-2023-1892Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/si ...

Security announcements

DSA / DLADescription
DLA-3360-1ruby-sidekiq - security update
DLA-2943-1ruby-sidekiq - security update

Search for package or bug name: Reporting problems