2 matches found
CVE-2025-64522
Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. Version 0.11.1...
CVE-2025-64522
creationtimestamp| type| source ---|---|--- 2025-11-10 13:32:36+00:00| published-proof-of-concept| https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-vwq2-jx9q-9h9f 2025-11-11 00:01:57+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m5cthlvftb27 2025-11-11...