CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41942 – Sourcegraph vulnerable to Comand Injection via gitserver
https://notcve.org/view.php?id=CVE-2022-41942
22 Nov 2022 — Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command Injection vulnerability existed in the gitserver service, present in all Sourcegraph deployments. This vulnerability was caused by a lack of input validation on the host parameter of the `/list-gitolite` endpoint. It was possible to send a crafted request to gitserver that would execute commands inside the container. Successful exploitation requires the ability to send local requests to gitserver. • https://github.com/sourcegraph/sourcegraph/pull/42553 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41943 – Incorrect default permissions found in Sourcegraph
https://notcve.org/view.php?id=CVE-2022-41943
22 Nov 2022 — sourcegraph is a code intelligence platform. As a site admin it was possible to execute arbitrary commands on Gitserver when the experimental `customGitFetch` feature was enabled. This experimental feature has now been disabled by default. This issue has been patched in version 4.1.0. sourcegraph es una plataforma de inteligencia de código. Como administrador del sitio, era posible ejecutar comandos arbitrarios en Gitserver cuando la función experimental "customGitFetch" estaba habilitada. • https://github.com/sourcegraph/sourcegraph/pull/42704 • CWE-276: Incorrect Default Permissions •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31155 – Unauthorized overwriting of saved searches in Sourcegraph
https://notcve.org/view.php?id=CVE-2022-31155
01 Aug 2022 — Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users’ saved searches due to a bug in the authorization check. The vulnerability does not allow the reading of other users’ saved searches, only overwriting them with attacker-controlled searches. The issue is patched in Sourcegraph version 3.41.0. There is no workaround for this issue and updating to a secure version is highly recommended. • https://github.com/sourcegraph/sourcegraph/commit/2832d7882396a6295ba5803b5ef48dc7d5a24c59 • CWE-863: Incorrect Authorization •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31154 – Indirect Object Access in Sourcegraph Code Monitoring
https://notcve.org/view.php?id=CVE-2022-31154
01 Aug 2022 — Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able to read contents of existing code monitors, only override the data. The issue is fixed in Sourcegraph 3.42. • https://github.com/sourcegraph/sourcegraph/pull/37526 • CWE-863: Incorrect Authorization •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29171 – Remote Code Execution in sourcegraph
https://notcve.org/view.php?id=CVE-2022-29171
05 May 2022 — Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with Phabricator allows Sourcegraph site admins to specify a `callsignCommand`, which is used to obtain the Phabricator metadata for a Gitolite repository. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command... • https://github.com/sourcegraph/sourcegraph/security/advisories/GHSA-r2m9-hfg8-4c38 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 96%CPEs: 1EXPL: 6CVE-2022-23642 – Code Injection in Sourcegraph
https://notcve.org/view.php?id=CVE-2022-23642
18 Feb 2022 — Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. • https://packetstorm.news/files/id/167741 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23643 – Side-channel attack in Sourcegraph Code Monitors
https://notcve.org/view.php?id=CVE-2022-23643
15 Feb 2022 — Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerabilitity in the Code Monitoring feature where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects only the Code Monitoring feature, whereas CVE-2021-43823 also affected saved searches. A successful attack would require an authenticated bad actor to create many Code Monitors to receive confirmation that a specific... • https://github.com/sourcegraph/sourcegraph/pull/30547 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •