CVE-2025-58355
HIGH7.7EPSS 0.12%Soft Serve vulnerable to arbitrary file writing through SSH API
發布日:2025/9/2修改日:2025/9/8
描述
Attackers can create/override arbitrary files with uncontrolled data. For a PoC, spin up an instance of soft-serve as explained in the README, and execute the following command: ```sh ssh -p23231 localhost repo commit icecream -- --output=/tmp/pwned ``` It should have created a file in `/tmp/pwned`.
受影響套件(2)
- Go/github.com/charmbracelet/soft-servefrom 0, < 0.10.0
- Go/github.com/charmbracelet/soft-servefrom 0, < 0.10.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.7 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |