Contributed Systems Sidekiq 6.0.0 Prerelease1

CPE Details

Contributed Systems Sidekiq 6.0.0 Prerelease1
contribsys
sidekiq
6.0.0
2021-04-08
16h15 +00:00
2021-04-16
16h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:contribsys:sidekiq:6.0.0:prerelease1:*:*:*:*:*:*

Informations

Vendor

contribsys

Product

sidekiq

Version

6.0.0

Update

prerelease1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-26141 2023-09-14 05h00 +00:00 Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests.
7.5
High
CVE-2022-23837 2022-01-20 23h00 +00:00 In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
7.5
High
CVE-2021-30151 2021-04-05 22h00 +00:00 Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
6.1
Medium