resque
RubyGems3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting resquepage 1 of 1
- CVE-2023-50724MEDIUMCVSS 6.1EG 6.3✓ Fixed in 2.1.02023-12-21
vulnerable: 0.2.0 ... 2.0.0 (70 versions)
Resque (pronounced like "rescue") is a Redis-backed library for creating background jobs, placing those jobs on multiple queues, and processing them later. resque-web in resque versions before 2.1.0 are vulnerable to reflected XSS through …
- CVE-2023-50725MEDIUMCVSS 6.1EG 6.3✓ Fixed in 2.2.12023-12-22
vulnerable: 0.2.0 ... 2.2.0 (72 versions)
Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. The following paths in resque-web have been found to be vulnerable to reflected XSS: "/failed/?class=<script>al…
- CVE-2023-50727MEDIUMCVSS 6.1EG 6.3✓ Fixed in 2.6.02023-12-22
vulnerable: 0.2.0 ... 2.5.0 (76 versions)
Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Reflected XSS issue occurs when /queues is appended with /"><svg%20onload=alert(domain)>. This issue has been p…
Check whether resque is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for resque CVEs against the assets you own.
Start Free Scan →