Vulnerabilidades en charmbracelet
12 resultadosCVE-2023-43809HIGHSoft Serve Public Key Authentication Bypass Vulnerability when Keyboard-Interactive SSH Authentication is EnabledEPSS 0.9%CVE-2022-29180MEDIUMCharm vulnerable to server-side request forgery (SSRF)EPSS 0.7%CVE-2025-22130MEDIUMSoft Serve allows path traversal attacksEPSS 0.7%CVE-2026-24058HIGHSoft Serve has Critical Authentication BypassEPSS 0.5%CVE-2024-41956HIGHSoft Serve allows arbitrary code execution by crafting git-lfs requestsEPSS 0.5%CVE-2026-41589CRITICALWish has SCP Path Traversal that allows arbitrary file read/writeEPSS 0.4%CVE-2026-33353HIGHSoft Serve: Authenticated repo import can clone server-local private repositoriesEPSS 0.4%CVE-2026-30832CRITICALSoft Serve: SSRF via unvalidated LFS endpoint in repo importEPSS 0.3%CVE-2025-58355HIGHSoft Serve is vulnerable to arbitrary file writing through its SSH APIEPSS 0.3%CVE-2025-64522CRITICALSoft Serve is vulnerable to SSRF through its WebhooksEPSS 0.3%CVE-2026-22253MEDIUMSoft Serve is missing an authorization check in LFS lock deletionEPSS 0.3%CVE-2025-64494MEDIUMSoft Serve does not sanitize ANSI escape sequences in user inputEPSS 0.2%