Affected by GO-2024-3019
and 6 other vulnerabilities
GO-2024-3019: soft-serve vulnerable to arbitrary code execution by crafting git-lfs requests in github.com/charmbracelet/soft-serve
GO-2025-3374: Soft Serve vulnerable to path traversal attacks in github.com/charmbracelet/soft-serve
GO-2025-3930: Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve
GO-2025-4106: Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve
GO-2025-4111: Soft Serve is vulnerable to SSRF through its Webhooks in github.com/charmbracelet/soft-serve
GO-2026-4290: Soft Serve is missing an authorization check in LFS lock deletion in github.com/charmbracelet/soft-serve
GO-2026-4353: Soft Serve Affected by an Authentication Bypass in github.com/charmbracelet/soft-serve
package
Version:
v0.7.2
Opens a new window with list of versions in this module.
Published: Nov 16, 2023
License: MIT
Opens a new window with license information.
Imports: 4
Opens a new window with list of imports.
Imported by: 1
Opens a new window with list of known importers.
Documentation
¶
SanitizeRepo returns a sanitized version of the given repository name.
ValidateRepo returns an error if the given repository name is invalid.
ValidateUsername returns an error if any of the given usernames are invalid.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.