Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1 and below, attackers can create or override arbitrary files with uncontrolled data through its SSH API. This issue is fixed in version 0.10.0.
Metrics
Affected Vendors & Products
References
History
Thu, 04 Sep 2025 00:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1 and below, attackers can create or override arbitrary files with uncontrolled data through its SSH API. This issue is fixed in version 0.10.0. | |
Title | Soft Serve is vulnerable to arbitrary file writing through its SSH API | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-09-03T23:52:23.555Z
Reserved: 2025-08-29T16:19:59.010Z
Link: CVE-2025-58355

No data.

No data.

No data.

No data.