{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-30832", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-05T21:06:44.606Z", "datePublished": "2026-03-07T15:57:39.158Z", "dateUpdated": "2026-03-09T18:26:21.312Z"}, "containers": {"cna": {"title": "Soft Serve: SSRF via unvalidated LFS endpoint in repo import", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-3fvx-xrxq-8jvv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-3fvx-xrxq-8jvv"}, {"name": "https://github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e", "tags": ["x_refsource_MISC"], "url": "https://github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e"}, {"name": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.4"}], "affected": [{"vendor": "charmbracelet", "product": "soft-serve", "versions": [{"version": ">= 0.6.0, < 0.11.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-07T15:57:39.158Z"}, "descriptions": [{"lang": "en", "value": "Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4."}], "source": {"advisory": "GHSA-3fvx-xrxq-8jvv", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T17:52:27.217761Z", "id": "CVE-2026-30832", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T18:26:21.312Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30832", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T17:52:27.217761Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T17:52:28.240Z"}}], "cna": {"title": "Soft Serve: SSRF via unvalidated LFS endpoint in repo import", "source": {"advisory": "GHSA-3fvx-xrxq-8jvv", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "charmbracelet", "product": "soft-serve", "versions": [{"status": "affected", "version": ">= 0.6.0, < 0.11.4"}]}], "references": [{"url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-3fvx-xrxq-8jvv", "name": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-3fvx-xrxq-8jvv", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e", "name": "https://github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.4", "name": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-07T15:57:39.158Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30832", "state": "PUBLISHED", "dateUpdated": "2026-03-09T18:26:21.312Z", "dateReserved": "2026-03-05T21:06:44.606Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-07T15:57:39.158Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:charm:soft_serve:*:*:*:*:*:go:*:*", "matchCriteriaId": "CB2C4B8B-F7D7-4EAA-B2DC-29C17894811B", "versionEndExcluding": "0.11.4", "versionStartIncluding": "0.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4."}, {"lang": "es", "value": "Soft Serve es un servidor Git autoalojable para la l\u00ednea de comandos. Desde la versi\u00f3n 0.6.0 hasta antes de la versi\u00f3n 0.11.4, un usuario SSH autenticado puede forzar al servidor a realizar solicitudes HTTP a direcciones IP internas/privadas ejecutando repo import con una URL --lfs-endpoint manipulada. La solicitud de lote inicial es ciega (la respuesta de un endpoint de metadatos no se analizar\u00e1 como JSON LFS v\u00e1lido), pero un atacante que aloja un servidor LFS falso puede encadenar esto en un acceso de lectura completo a servicios internos devolviendo URLs de descarga que apuntan a objetivos internos. Este problema ha sido parcheado en la versi\u00f3n 0.11.4."}], "id": "CVE-2026-30832", "lastModified": "2026-03-11T20:36:30.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 5.3, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-07T16:15:55.893", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.4"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-3fvx-xrxq-8jvv"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.6.0,0.11.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "soft-serve", "source": "cna", "vendor": "charmbracelet"}, "product": "soft-serve", "vendor": "charmbracelet"}], "analysis": {"en": {"generated_at": "2026-04-16T10:51:14.853884+00:00", "value": {"mitigation_remediation": ["Upgrade Soft Serve to version 0.11.4 or later", "If upgrading is not immediately possible, restrict or disable the repo import command for SSH users, or block the --lfs-endpoint parameter from being supplied", "Implement network segmentation or firewall rules to prevent the Soft Serve process from making outbound requests to internal or private IP ranges"], "summary": {"action": "Immediate Patch", "impact": "Server Side Request Forgery enabling internal network access"}, "threat_synthesis": {"affected_systems": "Versions of Soft Serve from 0.6.0 up to (but not including) 0.11.4 are affected. The vulnerability applies to installations of the charmbracelet Soft Serve Git server that accept authenticated SSH sessions and execute the repo import command. Systems running v0.11.4 or later are not vulnerable.", "description_and_impact": "An authenticated SSH user can trigger the Soft Serve server to perform HTTP requests to arbitrary URLs by supplying a crafted LFS endpoint during repository import. The vulnerability is a Classic Server Side Request Forgery (CWE-918) which allows the attacker to cause the server to reach internal or private IP addresses, potentially leaking sensitive data or gaining additional network access. The initial request is blind due to malformed LFS responses, but can be chained by an attacker who controls the fake LFS server to ultimately retrieve content from internal services.", "risk_and_exploitability": "The flaw carries a CVSS Base score of 9.1, reflecting a high impact to confidentiality and availability when an attacker can coerce the server into accessing private resources. The EPSS score of less than 1% indicates that, as of this analysis, exploitation is unlikely to be widespread and no public exploits are documented, and the vulnerability is not listed in CISA\u2019s KEV catalog. However, because it requires authenticated SSH access, the threat persists in environments where such users are granted elevated privileges with the ability to invoke the import command. The overall risk remains high for organizations that allow users to import repositories without strict controls."}}}}, "created": "2026-03-09T10:05:07.423434+00:00", "updated": "2026-04-16T11:00:10.638119+00:00", "vendors": ["charmbracelet", "charmbracelet$PRODUCT$soft-serve"]}