Количество 3
Количество 3
CVE-2025-64522
Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. Version 0.11.1 fixes the vulnerability.
GHSA-vwq2-jx9q-9h9f
Soft Serve is vulnerable to SSRF through its Webhooks
BDU:2026-00070
Уязвимость компонента webhook Git-сервера Soft Serve, позволяющая нарушителю осуществить SSRF-атаку
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-64522 Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. Version 0.11.1 fixes the vulnerability. | CVSS3: 9.1 | 0% Низкий | 3 месяца назад |
| GHSA-vwq2-jx9q-9h9f Soft Serve is vulnerable to SSRF through its Webhooks | CVSS3: 9.1 | 0% Низкий | 3 месяца назад |
 | BDU:2026-00070 Уязвимость компонента webhook Git-сервера Soft Serve, позволяющая нарушителю осуществить SSRF-атаку | CVSS3: 9.1 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу