VDB
DEBIAN-CVE-2022-23837
DEBIAN-CVE-2022-23837
PUBLISHED
CVSS 7.5 HIGH
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | ruby-sidekiq | 0, 0, 0 |
| Debian:13 | ruby-sidekiq | 0, 0, 0 |
| Debian:11 | ruby-sidekiq | 6.0.4+dfsg-2, 0, 6.0.4+dfsg-2 |
| Debian:14 | ruby-sidekiq | 0, 0, 0 |
Timeline
- Jan 21, 2022 CVE Published
- Apr 28, 2026 CVE Updated