RubyGems package
sidekiq-unique-jobs
pkg:gem/sidekiq-unique-jobs
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46950 | — | >= 8.0.0, < 8.0.7 | 8.0.7 | Mar 1, 2024 | Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a crafted URL to the filter functions. | ||
| CVE-2024-25122 | — | >= 8.0.0, < 8.0.7 | 8.0.7 | Feb 13, 2024 | sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI, allow a super-user attacker, or |
- CVE-2023-46950Mar 1, 2024affected >= 8.0.0, < 8.0.7fixed 8.0.7
Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a crafted URL to the filter functions.
- CVE-2024-25122Feb 13, 2024affected >= 8.0.0, < 8.0.7fixed 8.0.7
sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI, allow a super-user attacker, or