Skip to main content

Sidekiq

3 CVEs product

Monthly

CVE-2023-26141 Ruby MEDIUM POC PATCH This Month

Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Sidekiq
NVD GitHub
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-1892 Ruby CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sidekiq
NVD GitHub
CVSS 3.1
9.6
EPSS
2.7%
CVE-2021-30151 Ruby MEDIUM POC PATCH This Month

Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sidekiq Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
4.2%
EPSS 1% CVSS 4.9
MEDIUM POC PATCH This Month

Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Sidekiq
NVD GitHub
EPSS 3% CVSS 9.6
CRITICAL POC PATCH Act Now

Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sidekiq
NVD GitHub
EPSS 4% CVSS 6.1
MEDIUM POC PATCH This Month

Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sidekiq Debian Linux
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy