Lucene search
Veracode Vulnerability DatabaseVERACODE:33855HistoryJan 24, 2022 - 3:48 a.m.
Denial Of Service (DoS)
2022-01-2403:48:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.007 Low
EPSS
Percentile
79.6%
sidekiq is vulnerable to denial of service. The library does not properly validate the days parameter when requesting stats for the graph, allowing an attacker to cause an application crash.
References
github.com/advisories/GHSA-jrfj-98qg-qjgv
github.com/mperham/sidekiq/commit/7785ac1399f1b28992adb56055f6acd88fd1d956
github.com/rubysec/ruby-advisory-db/pull/495
github.com/TUTUMSPACE/exploits/blob/main/sidekiq.md
lists.debian.org/debian-lts-announce/2022/03/msg00015.html
lists.debian.org/debian-lts-announce/2023/03/msg00011.html
Related
cvelist
cvelist
CVE-2022-23837
2022-01-21 00:00:00
osv
osv
Denial of service in sidekiq
2022-01-27 14:42:37
CVE-2022-23837
2022-01-21 21:15:09
ruby-sidekiq - security update
2022-03-10 00:00:00
nvd
nvd
CVE-2022-23837
2022-01-21 21:15:09
github
github
Denial of service in sidekiq
2022-01-27 14:42:37
redhatcve
redhatcve
CVE-2022-23837
2022-01-24 19:28:24
prion
prion
Code injection
2022-01-21 21:15:00
cve
cve
CVE-2022-23837
2022-01-21 21:15:09
ubuntucve
ubuntucve
CVE-2022-23837
2022-01-21 00:00:00
debiancve
debiancve
CVE-2022-23837
2022-01-21 21:15:09
cnvd
cnvd
Mike Perham Sidekiq has an unspecified vulnerability
2022-01-25 00:00:00
nessus
nessus
Debian DLA-2943-1 : ruby-sidekiq - LTS security update
2022-03-11 00:00:00
Debian DLA-3360-1 : ruby-sidekiq - LTS security update
2023-03-12 00:00:00
RHEL 7 / 8 : Satellite 6.11 Release (Moderate) (RHSA-2022:5498)
2024-04-28 00:00:00
debian
debian
[SECURITY] [DLA 2943-1] ruby-sidekiq security update
2022-03-10 19:59:32
[SECURITY] [DLA 3360-1] ruby-sidekiq security update
2023-03-12 20:49:29
openvas
openvas
Debian: Security Advisory (DLA-3360-1)
2023-03-13 00:00:00
Debian: Security Advisory (DLA-2943-1)
2022-03-11 00:00:00
redhat
redhat
(RHSA-2022:5498) Moderate: Satellite 6.11 Release
2022-07-05 13:55:16
rocky
rocky
Satellite 6.11 Release
2022-07-05 13:55:16