CNNVD-202509-674 Information
Sep 04, 2025
cve
CNNVD ID
CNNVD-202509-674
Related CVE
- CNNVD Published: 2025-09-04
Description (Chinese)
Soft Serve是Charm开源的一个可自托管的命令行 Git 服务器。 Soft Serve 0.9.1及之前版本存在路径遍历漏洞,该漏洞源于SSH API允许攻击者创建或覆盖任意文件。
Description (English)
Soft Serve is a self-serving command line of Charming open source Git server. Soft Serve 0.9.1 and previous versions had a loophole in the path, which stemmed from SSH API allowing the assailant to create or overwhelm any document.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
Charm
Published
2025-09-04
Last Modified
2026-02-24
References
https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-33pr-m977-5w97
Patch
https://github.com/charmbracelet/soft-serve/releases
Share on: