See on RubyGems

sidekiq 7.2.2

1 security vulnerability found in version 7.2.2

Reflected XSS in Metrics Web Page

medium severity CVE-2024-32887
medium severity CVE-2024-32887
Patched versions: >= 7.2.4
Unaffected versions: < 7.2.0

Reflected XSS in Sidekiq Web UI via the /metrics HTTP end-point and the substr query param:

https://{host}/sidekiq/metrics?substr=foot%22%3E%3Cscript%20src=%22{payload}%22%20/%3E

No officially reported memory leakage issues detected.

This gem version does not have any officially reported memory leaked issues.

No license issues detected.

This gem version has a license in the gemspec.

This gem version is available.

This gem version has not been yanked and is still available for usage.