Latest sourcegraph sourcegraph Vulnerabilities

Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command Injection vulnerability existed in the gitserver service, present in all Sourcegraph deployments. This vulnerability w...
Sourcegraph Sourcegraph<4.1.0
Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users’ saved searches due to a bug in the author...
Sourcegraph Sourcegraph<3.41.0
Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being ...
Sourcegraph Sourcegraph<3.42.0
Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with...
Sourcegraph Sourcegraph<3.38.0
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails...
Sourcegraph Sourcegraph<3.37
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack where strings in private source code could be guessed by an authenticated...
Sourcegraph Sourcegraph<3.33.2
Sourcegraph is a code search and navigation engine. Sourcegraph before version 3.30.0 has two potential information leaks. The site-admin area can be accessed by regular users and all information and ...
Sourcegraph Sourcegraph<3.30.0
### Impact An open redirect vulnerability that allows users to be targeted for phishing attacks has been found in Sourcegraph instances configured with OAuth, OpenID, or SAML authentication enabled. ...
go/github.com/sourcegraph/sourcegraph>=3.15.0<3.15.1
go/github.com/sourcegraph/sourcegraph<3.14.4
Sourcegraph Sourcegraph<3.15.1

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203