GO-2024-3019
and 6 other vulnerabilities
GO-2024-3019 : soft-serve vulnerable to arbitrary code execution by crafting git-lfs requests in github.com/charmbracelet/soft-serve
GO-2025-3374 : Soft Serve vulnerable to path traversal attacks in github.com/charmbracelet/soft-serve
GO-2025-3930 : Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve
GO-2025-4106 : Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve
GO-2025-4111 : Soft Serve is vulnerable to SSRF through its Webhooks in github.com/charmbracelet/soft-serve
GO-2026-4290 : Soft Serve is missing an authorization check in LFS lock deletion in github.com/charmbracelet/soft-serve
GO-2026-4353 : Soft Serve Affected by an Authentication Bypass in github.com/charmbracelet/soft-serve
Discover Packages
github.com/charmbracelet/soft-serve
pkg
sshutils
package
Version:
v0.7.0
Opens a new window with list of versions in this module.
Published: Oct 31, 2023
License: MIT
Opens a new window with license information.
Imports: 4
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
ContextKeySession is the context key for the SSH session.
KeysEqual returns whether the two public keys are equal.
MarshalAuthorizedKey marshals a public key into an authorized key string.
This is the inverse of ParseAuthorizedKey.
This function is a copy of ssh.MarshalAuthorizedKey, but without the trailing newline.
It returns an empty string if pk is nil.
ParseAuthorizedKey parses an authorized key string into a public key.
PublicKeyFromContext returns the public key from the context.
SessionFromContext returns the SSH session from the context.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files