CVE-2022-23837

In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:contribsys:sidekiq:*:*:*:*:*:*:*:*
cpe:2.3:a:contribsys:sidekiq:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2022-01-21 13:15

Updated : 2023-03-12 17:15


NVD link : CVE-2022-23837

Mitre link : CVE-2022-23837


JSON object : View

CWE
CWE-770

Allocation of Resources Without Limits or Throttling

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

contribsys

  • sidekiq