3 matches found
CVE-2022-41942
Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command Injection vulnerability existed in the gitserver service, present in all Sourcegraph deployments. This vulnerability was caused by a lack of input validation on the host parameter of the /list-gitolite endpoint. It...
CVE-2022-41942
CVE-2022-41942 affects Sourcegraph’s gitserver component. A command injection existed in the /list-gitolite endpoint due to lack of input validation on the host parameter, exploitable only if an attacker can send local requests to gitserver. Affected versions are those prior to 4.1.0; the issue i...
CVE-2022-41942 Sourcegraph vulnerable to Comand Injection via gitserver
Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command Injection vulnerability existed in the gitserver service, present in all Sourcegraph deployments. This vulnerability was caused by a lack of input validation on the host parameter of the /list-gitolite endpoint. It...