Affected by GO-2024-3019
and 8 other vulnerabilities
GO-2024-3019: soft-serve vulnerable to arbitrary code execution by crafting git-lfs requests in github.com/charmbracelet/soft-serve
GO-2025-3374: Soft Serve vulnerable to path traversal attacks in github.com/charmbracelet/soft-serve
GO-2025-3930: Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve
GO-2025-4106: Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve
GO-2025-4111: Soft Serve is vulnerable to SSRF through its Webhooks in github.com/charmbracelet/soft-serve
GO-2026-4290: Soft Serve is missing an authorization check in LFS lock deletion in github.com/charmbracelet/soft-serve
GO-2026-4353: Soft Serve Affected by an Authentication Bypass in github.com/charmbracelet/soft-serve
GO-2026-4634: soft-serve vulnerable to SSRF via unvalidated LFS endpoint in repo import in github.com/charmbracelet/soft-serve
GO-2026-4788: In Soft Serve, an authenticated repo import can clone server-local private repositories in github.com/charmbracelet/soft-serve
package
Version:
v0.7.3
Opens a new window with list of versions in this module.
Published: Nov 19, 2023
License: MIT
Opens a new window with license information.
Imports: 1
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
KeyMap is a map of key bindings for the UI.
DefaultKeyMap returns the default key map.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.