mberlanda / cheidelacoriera

This Rails application aims to become a management system for away fans.
GNU General Public License v3.0

chore(deps): update dependency sidekiq to v6.5.10 [security] #256

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| sidekiq (source, changelog) | 6.5.9 -> 6.5.10 | age | adoption | passing | confidence |

GitHub Vulnerability Alerts

CVE-2023-26141

Versions of the package sidekiq before 7.1.3 and 6.5.10 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests.


Release Notes

sidekiq/sidekiq (sidekiq)

### [`v6.5.10`](https://togithub.com/sidekiq/sidekiq/compare/v6.5.9...v6.5.10)

[Compare Source](https://togithub.com/sidekiq/sidekiq/compare/v6.5.9...v6.5.10)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.
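
The advisory quoted above describes a polling interval read from localStorage without sufficient checks. The following is an added example, not Sidekiq's code or its actual fix, showing one way to validate such a value before it drives a timer; the key name `pollIntervalMs`, the bounds and all function names are assumptions.

```javascript
// Added example with hypothetical names; not taken from Sidekiq.
const DEFAULT_MS = 5000;  // assumed default polling period
const MIN_MS = 2000;      // assumed floor: fastest polling the server should see
const MAX_MS = 60000;     // assumed ceiling

// Turn an untrusted stored string into a safe polling interval.
function sanitizeInterval(raw) {
  // Accept plain decimal digits only: rejects null, "", "-5", "1e-9", "0.0001", "abc".
  if (typeof raw !== "string" || !/^\d{1,9}$/.test(raw.trim())) {
    return DEFAULT_MS;
  }
  const n = Number(raw.trim());
  return Math.min(MAX_MS, Math.max(MIN_MS, n));
}

// Read the interval from a Storage-like object (window.localStorage in a browser).
function readInterval(storage, key = "pollIntervalMs") {
  try {
    return sanitizeInterval(storage.getItem(key));
  } catch (_err) {
    return DEFAULT_MS;    // storage blocked or throwing: fall back, never poll faster
  }
}

// Poller that re-validates the stored interval before every tick, so a value
// changed while the page is open cannot push the request rate past the floor.
function startPoller(storage, tick, timers = globalThis) {
  let handle = null;
  let stopped = false;
  const schedule = () => {
    if (stopped) return;
    handle = timers.setTimeout(() => { tick(); schedule(); }, readInterval(storage));
  };
  schedule();
  return () => { stopped = true; timers.clearTimeout(handle); };
}

// Constructed sample values, as a tampered storage entry might look.
const samples = ["0", "1", "-5", "0.0001", "1e-9", "abc", "", "3000", "999999999", null];
const fakeStorage = (value) => ({ getItem: () => value });
const results = samples.map((v) => [v, readInterval(fakeStorage(v))]);
console.log(results);
```

Client-side bounds like these stop a stored value from producing a runaway polling loop; server-side rate limiting is still what protects the endpoint from a client that ignores them.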