CVE-2022-23837 — CVSS 7.5 (high): In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads…
CVE-2023-26141 — CVSS 7.5 (high): Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the…
CVE-2021-30151 — CVSS 6.1 (medium): Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
CVE-2023-46950 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a crafted URL…
CVE-2023-46951 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a crafted…