3 matches found
CVE-2022-31155
creationtimestamp| type| source ---|---|--- 2022-08-01 22:17:03+00:00| seen| https://t.me/cibsecurity/47368 2025-04-23 18:05:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13106...
CVE-2022-31155 Unauthorized overwriting of saved searches in Sourcegraph
Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users’ saved searches due to a bug in the authorization check. The vulnerability does not allow the reading of other users’ saved searches, only...
CVE-2022-31155
Sourcegraph includes an authorization bug that, in versions before 3.41.0, allows an attacker to overwrite (delete) other users’ saved searches with attacker-controlled data. The vulnerability does not enable reading of others’ saved searches. The issue is mitigated by upgrading to Sourcegraph 3....