Product
contribsys sidekiq
6 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-46951
CVE-2023-46950
CVE-2023-26141
CVE-2023-1892
CVE-2022-23837
CVE-2021-30151
all versions
Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a cr
all versions
Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a cr
< 6.5.10
Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard
>= 7.0.4 and < 7.0.8
Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8.
< 5.2.10
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This ov
<= 5.1.3
Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.