Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Contribsys Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23837 2 Contribsys, Debian 2 Sidekiq, Debian Linux 2023-03-12 5.0 MEDIUM 7.5 HIGH
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
CVE-2021-30151 2 Contribsys, Debian 2 Sidekiq, Debian Linux 2023-03-12 4.3 MEDIUM 6.1 MEDIUM
Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.