20 matches found
CVE-2026-33353
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. Thi...
CVE-2026-33353
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. Thi...
CVE-2026-33353
CVE-2026-33353 affects Soft Serve: from v0.6.0 to before v0.11.6 an authorization flaw in repo import permits any authenticated SSH user to clone a server-local Git repository (even another user’s private repo) into a new repository under their control. The issue is mitigated by upgrading to v0.1...
CVE-2026-33353 Soft Serve: Authenticated repo import can clone server-local private repositories
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. Thi...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the repo import process. An attacker can access unauthorized server-local private repositories by initiating a clone operation after authenticating. Remediation Upgrade...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the repo import process. An attacker can access unauthorized server-local private repositories by initiating a clone operation after authenticating. Remediation Upgrade...
GHSA-XGXP-F695-6VRP In Soft Serve, an authenticated repo import can clone server-local private repositories
Summary An authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. This breaks the private-repository confidentiality boundary and should be treated as High severity...
PT-2026-26490
Name of the Vulnerable Software and Affected Versions Soft Serve versions prior to 0.11.6 Description An authorization flaw exists in the repo import functionality, allowing any authenticated SSH user to clone server-local Git repositories, including private repositories belonging to other users,...
CVE-2026-30832 Soft Serve: SSRF via unvalidated LFS endpoint in repo import
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is...
CVE-2026-30832
CVE-2026-30832 — Soft Serve : A authenticated SSH user could force the server to perform HTTP requests to internal/private IPs by importing a crafted --lfs-endpoint URL, enabling access to internal targets. The initial batch request is blind and metadata endpoint parsing may not yield valid LFS J...
CVE-2026-30832 Soft Serve: SSRF via unvalidated LFS endpoint in repo import
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is...
GHSA-3FVX-XRXQ-8JVV soft-serve vulnerable to SSRF via unvalidated LFS endpoint in repo import
While auditing the codebase in the wake of the webhook SSRF fix shipped in v0.11.1 GHSA-vwq2-jx9q-9h9f, it was identified that the LFS import path was never given the same treatment. The webhook fix introduced dual-layer SSRF protection — ValidateWebhookURL at creation time and secureHTTPClient...
soft-serve vulnerable to SSRF via unvalidated LFS endpoint in repo import
While auditing the codebase in the wake of the webhook SSRF fix shipped in v0.11.1 GHSA-vwq2-jx9q-9h9f, it was identified that the LFS import path was never given the same treatment. The webhook fix introduced dual-layer SSRF protection — ValidateWebhookURL at creation time and secureHTTPClient...
EUVD-2021-26227
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-0231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft ...
CVE-2021-39870
In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API call...
GitLab CE/EE 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE. An attacker has exploited the...
GitLab: DOS: taking down a 1k users Gitlab EE instance or multiple Sidekiq instances by importing a malicious repo from a Github EE self-hosted server
The report described a vulnerability in GitLab where an attacker could cause a denial of service by importing a malicious payload via the GitHub importer functionality...
GitLab GitHub Repo Import Deserialization RCE
An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested defaultbranch. GitLab will cache this object and then deserialize it when...
GitLab GitHub Repo Import Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab GitHub Repo Import Deserialization RCE', 'Description' = %q An authenticated user can import a repository from GitHub into GitLab. If a us...