Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Snyk
Snykadded 2025/11/10 10:43 p.m.2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the webhook URLs which are not validated. An attacker can access internal services, private networks, or cloud metadata endpoints by configuring malicious webhook URLs. PoC ssh localhost webhook crea...

9.1CVSS6.6AI score0.003EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/11/10 12:0 a.m.4 views

PT-2025-46215

Name of the Vulnerable Software and Affected Versions Soft Serve versions prior to 0.11.1 Description Soft Serve, a self-hostable Git server, contains a Server-Side Request Forgery SSRF issue. The application does not validate webhook URLs, which allows repository administrators to create webhook...

9.1CVSS6.5AI score0.003EPSS
Exploits1References19
Rows per page
Query Builder