14 matches found
Debian dla-4407 : ruby-sidekiq - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4407 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4407-1 [email protected]...
USN-7695-1 ruby-sidekiq vulnerabilities
Anas Roubi discovered that Sidekiq did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-30151 It was discovered that Sidekiq did not correctly...
Linux Distros Unpatched Vulnerability : CVE-2022-23837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting...
Debian: Security Advisory (DLA-3360-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3360-1] ruby-sidekiq security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-3360-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 13, 2023 https://wiki.debian.org/LTS -...
Moderate: Red Hat Security Advisory: Satellite 6.11 Release
An update is now available for Red Hat Satellite 6.11 Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: libsolv: Heap-based buff...
Debian: Security Advisory (DLA-2943-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2943-1 : ruby-sidekiq - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2943 advisory. - Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. CVE-2021-30151 - In api.rb in...
[SECURITY] [DLA 2943-1] ruby-sidekiq security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2943-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 10, 2022 https://wiki.debian.org/LTS -...
CVE-2022-23837
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users...
CVE-2022-23837
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users...
CVE-2022-23837
CVE-2022-23837 affects Sidekiq (api.rb): there is no limit on the number of days when requesting graph statistics, which can overload the system and render the Web UI unavailable. Concrete references in connected docs include Debian/DLA-4407-1 (ruby-sidekiq fix in 6.0.4+dfsg-2+deb11u1; also menti...
CVE-2022-23837
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users...
CVE-2022-23837
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users...