Vulnerabilities > Sourcegraph
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-46248 | External Control of System or Configuration Setting vulnerability in Sourcegraph Cody Cody is an artificial intelligence (AI) coding assistant. | 8.8 |
| 2022-11-22 | CVE-2022-41942 | OS Command Injection vulnerability in Sourcegraph Sourcegraph is a code intelligence platform. | 7.8 |
| 2022-11-22 | CVE-2022-41943 | Incorrect Default Permissions vulnerability in Sourcegraph sourcegraph is a code intelligence platform. | 7.2 |
| 2022-08-01 | CVE-2022-31155 | Incorrect Authorization vulnerability in Sourcegraph Sourcegraph is an opensource code search and navigation engine. | 4.3 |
| 2022-05-06 | CVE-2022-29171 | Code Injection vulnerability in Sourcegraph Sourcegraph is a fast and featureful code search and navigation engine. | 7.2 |
| 2022-02-18 | CVE-2022-23642 | Missing Authorization vulnerability in Sourcegraph Sourcegraph is a code search and navigation engine. | 8.8 |
| 2022-02-15 | CVE-2022-23643 | Information Exposure Through Discrepancy vulnerability in Sourcegraph Sourcegraph is a code search and navigation engine. | 4.0 |
| 2021-12-13 | CVE-2021-43823 | Information Exposure Through Discrepancy vulnerability in Sourcegraph Sourcegraph is a code search and navigation engine. | 4.0 |
| 2021-08-02 | CVE-2021-32787 | Unspecified vulnerability in Sourcegraph Sourcegraph is a code search and navigation engine. | 4.0 |
| 2020-04-30 | CVE-2020-12283 | Open Redirect vulnerability in Sourcegraph Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring. | 5.8 |