Lucene search
K
ContribsysSidekiq

6 matches found

CVE
CVE
added 2021/04/06 12:0 a.m.185 views

CVE-2021-30151

CVE-2021-30151 is a Cross-Site Scripting vulnerability in Sidekiq up to 6.2.0 (and

6.1CVSS6AI score0.04158EPSS
CVE
CVE
added 2022/01/21 12:0 a.m.152 views

CVE-2022-23837

CVE-2022-23837 affects Sidekiq (api.rb): there is no limit on the number of days when requesting graph statistics, which can overload the system and render the Web UI unavailable. Concrete references in connected docs include Debian/DLA-4407-1 (ruby-sidekiq fix in 6.0.4+dfsg-2+deb11u1; also menti...

7.5CVSS7.2AI score0.05258EPSS
CVE
CVE
added 2023/09/14 5:0 a.m.96 views

CVE-2023-26141

CVE-2023-26141 affects sidekiq prior to 7.1.3. The vulnerability arises from insufficient checks in the dashboard-charts.js file, allowing an attacker to manipulate localStorage and trigger excessive polling, leading to Denial of Service. The DoS impact is documented across multiple feeds, with t...

7.5CVSS4.8AI score0.0075EPSS
CVE
CVE
added 2024/03/01 12:0 a.m.82 views

CVE-2023-46950

CVE-2023-46950 affects Contribsys Sidekiq v6.5.8, with a Cross Site Scripting vulnerability that allows a remote attacker to obtain sensitive information via a crafted payload in the filter functions (and related uniquejobs context per Red Hat entries). The issue is described across multiple feed...

6.1CVSS5.8AI score0.0059EPSS
CVE
CVE
added 2024/03/01 12:0 a.m.74 views

CVE-2023-46951

Contribsys Sidekiq 6.5.8 is affected by a Cross Site Scripting vulnerability (CVE-2023-46951). Red Hat advisories confirm an XSS via a crafted payload to the uniquejobs function that could let a remote attacker obtain sensitive information. The CVSS vector in the description indicates Network acc...

6.1CVSS5.9AI score0.00541EPSS
CVE
CVE
added 2023/04/05 12:0 a.m.64 views

CVE-2023-1892

CVE-2023-1892 is a reflected XSS in Sidekiq prior to version 7.0.8. Affected versions include 7.0.4 through 7.0.7. The vulnerability arises from unsafely reflected input (e.g., GET parameters like period) in Sidekiq endpoints, enabling injection of JavaScript that could be executed in an administ...

9.6CVSS8.5AI score0.02742EPSS