{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T01:59:55.357","vulnerabilities":[{"cve":{"id":"CVE-2022-31155","sourceIdentifier":"security-advisories@github.com","published":"2022-08-01T19:15:08.270","lastModified":"2024-11-21T07:04:00.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users’ saved searches due to a bug in the authorization check. The vulnerability does not allow the reading of other users’ saved searches, only overwriting them with attacker-controlled searches. The issue is patched in Sourcegraph version 3.41.0. There is no workaround for this issue and updating to a secure version is highly recommended."},{"lang":"es","value":"Sourcegraph es un motor de búsqueda y navegación de código abierto. En Sourcegraph versiones anteriores a 3.41.0, es posible que un atacante borre las búsquedas guardadas de otros usuarios debido a un error en la comprobación de la autorización. La vulnerabilidad no permite leer las búsquedas guardadas de otros usuarios, sólo sobrescribirlas con búsquedas controladas por el atacante. El problema está parcheado en Sourcegraph versión 3.41.0. No se presenta una mitigación para este problema y es recomendado encarecidamente la actualización a una versión segura"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sourcegraph:sourcegraph:*:*:*:*:*:*:*:*","versionEndExcluding":"3.41.0","matchCriteriaId":"14A4E178-28C9-4AC6-B1C3-8F66EF3DC4FD"}]}]}],"references":[{"url":"https://github.com/sourcegraph/sourcegraph/commit/2832d7882396a6295ba5803b5ef48dc7d5a24c59","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/sourcegraph/sourcegraph/security/advisories/GHSA-37qp-9jq6-f6mx","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/sourcegraph/sourcegraph/commit/2832d7882396a6295ba5803b5ef48dc7d5a24c59","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/sourcegraph/sourcegraph/security/advisories/GHSA-37qp-9jq6-f6mx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}