
sourcegraph

11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-46248
>= 0.10.0 and <= 0.14.0
Cody is an artificial intelligence (AI) coding assistant. The Cody AI VSCode extension versions 0.10.0 through 0.14.0 are vulnerab
9.0 CRITICAL
CVE-2022-41943
< 4.1.0
Sourcegraph is a code intelligence platform. As a site admin it was possible to execute arbitrary commands on Gitserver when the e
9.0 CRITICAL
CVE-2022-41942
< 4.1.0
Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command injection vulnerability existed in the gitserver
7.9 HIGH
CVE-2022-31155
< 3.41.0
Sourcegraph is an open-source code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attac
4.3 MEDIUM
CVE-2022-31154
< 3.42.0
Sourcegraph is an open-source code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the C
6.4 MEDIUM
CVE-2022-29171
< 3.38.0
Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execu
6.6 MEDIUM
CVE-2022-23642
< 3.37
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in th
8.8 HIGH
CVE-2022-23643
>= 3.35.0 and < 3.35.2
Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channe
6.5 MEDIUM
CVE-2021-43823
< 3.33.2
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack whe
6.5 MEDIUM
CVE-2021-32787
< 3.30.0
Sourcegraph is a code search and navigation engine. Sourcegraph before version 3.30.0 has two potential information leaks. The sit
3.1 LOW
CVE-2020-12283
< 3.15.1
Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in
6.1 MEDIUM
threatengine.sh