✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.
mend-bolt-for-githubbot changed the title from "CVE-2021-30151 (Medium) detected in sidekiq-5.2.9.gem" to "CVE-2021-30151 (Medium) detected in sidekiq-5.2.9.gem - autoclosed" on May 2, 2022
mend-bolt-for-githubbot changed the title from "CVE-2021-30151 (Medium) detected in sidekiq-5.2.9.gem - autoclosed" to "CVE-2021-30151 (Medium) detected in sidekiq-5.2.9.gem" on Aug 4, 2022
mend-bolt-for-githubbot changed the title from "CVE-2021-30151 (Medium) detected in sidekiq-5.2.9.gem" to "CVE-2021-30151 (Medium) detected in sidekiq-5.2.9.gem - autoclosed" on Aug 5, 2022
✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
CVE-2021-30151 - Medium Severity Vulnerability
Vulnerable Library - sidekiq-5.2.9.gem
Simple, efficient background processing for Ruby.
Library home page: https://rubygems.org/gems/sidekiq-5.2.9.gem
Path to dependency file: /Gemfile.lock
Path to vulnerable library: /gem/ruby/2.7.0/cache/sidekiq-5.2.9.gem
Dependency Hierarchy:
Found in HEAD commit: e82709485ba6a65062d7477e32d2b31087741522
Found in base branch: master
Vulnerability Details
Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
Publish Date: 2021-04-06
URL: CVE-2021-30151
CVSS 3 Score Details (6.1)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Release Date: 2021-04-06
Fix Resolution: 6.2.1