Path Traversal Vulnerability in Soft Serve Git Server by Charmbracelet
CVE-2025-22130

Currently unrated

Key Information:

Vendor
CVE Published: 8 January 2025

What is CVE-2025-22130?

Soft Serve is a self-hostable Git server designed for command line use. In versions prior to 0.8.2, a path traversal vulnerability lets non-admin users access and potentially take control of other users' repositories. An attacker can use it to perform actions normally reserved for admin users, such as modifying or deleting repositories, without having the required permissions. The issue is fixed in version 0.8.2.

