7 matches found
Soft Serve Security Vulnerability
Soft Serve is a self-hosted command-line Git server from Charm Open Source. A security vulnerability exists in Soft Serve versions prior to 0.11.2, which stems from an authorization bypass in the LFS lock deletion endpoint that could lead to arbitrary lock deletion...
Soft Serve Security Vulnerability
Soft Serve is a self-hostable command-line Git server from Charm Open Source. A security vulnerability exists in Soft Serve versions prior to 0.10.0, which stems from not removing ANSI escape sequences and not cleaning up git messages, which could lead to a fake alert attack...
EUVD-2023-2773
Malicious code in bioql PyPI...
GO-2025-3930 Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve
Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve...
@ieremeev/app (>=3.0.1 <=3.2.4), xtal-test (>=0.0.1 <=0.0.10) potentially affected by unknown CVE via serve (=10.0.0)
serve NPM version =10.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on serve and may be impacted: - @ieremeev/app >=3.0.1, <=3.2.4 - xtal-test >=0.0.1, <=0.0.10 Source cves: unknown CVE Source advisory: OSV:GHSA-XW79-HHV6-578C...
Directory Traversal
serve is vulnerable to directory traversal. The vulnerability exists because it gives an easy interface to list directory contents and traverse into sub-folders just by submitting a URL with a dot-slash before the file name, e.g. http://127.0.0.1:6060/dir/./file.txt...
Serve Path Traversal Vulnerability
serve is a static file server that is primarily used for deploying native single-page applications or static files. A path traversal vulnerability exists in serve versions prior to 6.4.9, where the program fails to adequately filter %2e (.) and %2f (/) characters in the URL...