CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1 and below, attackers can create or override arbitrary files with uncontrolled data through its SSH API. This issue is fixed in version 0.10.0...

7.7CVSS0.00116EPSS

Exploits0References1

CNNVD•added 2025/09/04 12:0 a.m.•2 views

Soft Serve 路径遍历漏洞

Soft Serve is a self-hostable command-line Git server from Charm Open Source. A path traversal vulnerability exists in Soft Serve 0.9.1 and earlier versions, which stems from an SSH API that allows an attacker to create or overwrite arbitrary files...

7.7CVSS6.5AI score0.00116EPSS

Exploits0References1

Tenable Nessus•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2020-28086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password,...

7.5CVSS7.2AI score0.00095EPSS

Exploits0References3

Tenable Nessus•added 2025/03/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2023-49568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service DoS vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attac...

7.5CVSS6.6AI score0.00112EPSS

Exploits0References3

RedHat Linux•added 2025/01/23 9:34 a.m.•3 views

go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies

A denial of service DoS vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients...

7.5CVSS7.3AI score0.00222EPSS

Exploits0References6

RedHat Linux•added 2025/01/20 1:40 a.m.•1 views

go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies

7.5CVSS7.3AI score0.00222EPSS

Exploits0References6

Vulnrichment•added 2025/01/08 3:43 p.m.•11 views

CVE-2025-22130 Soft Serve allows path traversal attacks

Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2 , a path traversal attack allows existing non-admin users to access and take over other user's repositories. A malicious user then can modify, delete, and arbitrarily repositories as if they were an admin user without...

5.3CVSS6.5AI score0.00567EPSS

Exploits0References3

OSV•added 2025/01/07 4:3 p.m.•9 views

GO-2025-3367 Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git

Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git...

7.5CVSS7.5AI score0.00222EPSS

Exploits0References1

OSV•added 2025/01/06 5:15 p.m.•3 views

AZL-55073 CVE-2025-21614 affecting package cri-o 1.30.1-1

go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git serve...

7.5CVSS6.7AI score0.00222EPSS

Exploits0References1

OSV•added 2025/01/06 4:20 p.m.•11 views

GHSA-R9PX-M959-CXF4 go-git clients vulnerable to DoS via maliciously crafted Git server replies

Impact A denial of service DoS vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. This is a go-g...

7.5CVSS7.4AI score0.00222EPSS

Exploits0References3