Vulnerabilities > Contribsys
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-37279 | Allocation of Resources Without Limits or Throttling vulnerability in Contribsys Faktory Faktory is a language-agnostic persistent background job server. | 7.5 |
| 2023-09-14 | CVE-2023-26141 | Insufficient Verification of Data Authenticity vulnerability in Contribsys Sidekiq Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. | 4.9 |
| 2023-04-21 | CVE-2023-1892 | Cross-site Scripting vulnerability in Contribsys Sidekiq 7.0.4 Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8. | 9.6 |
| 2022-01-21 | CVE-2022-23837 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. | 7.5 |
| 2021-04-06 | CVE-2021-30151 | Cross-site Scripting vulnerability in multiple products Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. | 6.1 |