2 matches found
CVE-2022-23643 Side-channel attack in Sourcegraph Code Monitors
Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerabilitity in the Code Monitoring feature where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects...
CVE-2022-23643
CVE-2022-23643 covers a side-channel vulnerability in Sourcegraph Code Monitors. Affected are Sourcegraph 3.35 and 3.36, where private-source strings could be inferred by an authenticated but unauthorized actor via the Code Monitoring feature. The root cause is a reintroduced issue that was previ...