Vulnerabilities

CVE-2025-64494 - Soft Serve does not sanitize ANSI escape sequences in user input

2025-11-08 0 views admin

CVE ID : CVE-2025-64494 Published : Nov. 8, 2025, 2:15 a.m. | 1 hour, 15 minutes ago Description : Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data (e.g. names) and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages, when printed, are also not being sanitized. This issue is fixed in version 0.10.0. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-64494

Severity

MEDIUM

Published

Nov. 8, 2025

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-64494medium

CVE-2025-64494 - Soft Serve does not sanitize ANSI escape sequences in user input

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15077 - itsourcecode Student Management System form137.php sql injection

CVE-2025-15078 - itsourcecode Student Management System list_report.php sql injection

CVE-2025-32095 - Pexip Infinity Signalling Denial of Service

CVE-2025-59683 - Pexip Infinity Improper Access Control Denial of Service

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting