CVE-2022-31154 – Sourcegraph is an opensource code search and navigation engine. It is possible for an auth …

1 August 2022

Vuln ID: CVE-2022-31154

Published: 2022-08-01 19:15:08Z

Description: Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able to read contents of existing code monitors, only override the data. The issue is fixed in Sourcegraph 3.42. There are no workaround for the issue and patching is highly recommended.

Source: NVD.NIST.GOV

Date:

1 August 2022

Categorie(s):

NVD

Tag(s):

NVD

AI sparks increasing cyber concerns for execs amid growing adoption26 April 2024
More details on rural water system breach sought by legislators26 April 2024
Updated CISA exploited vulnerabilties catalog includes Windows print spooler bug26 April 2024
Severe Flaws Disclosed in Brocade SANnav SAN Management Software26 April 2024
Microsoft credentials targeted by phishing campaign using Autodesk Drive26 April 2024