CVE-2026-30832
Status: Received - Intake
Server-Side Request Forgery in Soft Serve Git Server via LFS Endpoint

Publication date: 2026-03-07

Last updated on: 2026-03-11

Assigner: GitHub, Inc.

Description
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4.
Meta Information
Published: 2026-03-07
Last Modified: 2026-03-11
Generated: 2026-05-07
AI Q&A: 2026-03-07
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor  Product     Version / Range
charm   soft_serve  From 0.6.0 (inclusive) to 0.11.4 (exclusive)
CWE
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-30832 is a high-severity Server-Side Request Forgery (SSRF) vulnerability in the Soft Serve Git server, affecting versions from 0.6.0 up to but not including 0.11.4.

The vulnerability arises because an authenticated SSH user can supply a crafted --lfs-endpoint URL during a repository import command. This URL is not validated or sanitized and is used directly by the server to make HTTP requests.

This allows the attacker to force the server to make HTTP requests to internal or private IP addresses. Initially, the requests are blind (the server does not parse the response properly), but if the attacker hosts a fake LFS server that returns specially crafted responses, they can gain full read access to internal services.

The attack chain involves sending a batch request to the attacker-controlled LFS endpoint, then using returned download URLs to access internal targets. These internal responses are stored as LFS objects on disk and can be retrieved by the attacker.

The vulnerability persists through mirror sync jobs, which repeatedly trigger the SSRF without further user interaction.

The issue was patched in version 0.11.4 by adding proper URL validation and using a secure HTTP client that blocks requests to private/internal IPs and prevents redirects.


How can this vulnerability impact me?

This vulnerability can have serious impacts if exploited by an authenticated SSH user.

  • The attacker can induce the server to make HTTP requests to arbitrary internal or private network destinations.
  • It enables port scanning and internal service discovery within the private network.
  • The attacker can steal sensitive information such as cloud credentials by accessing internal metadata services.
  • Unauthorized reading of internal APIs and services is possible.
  • The SSRF attack can persist and repeat automatically through mirror sync jobs, increasing the risk and impact.

Overall, the vulnerability can lead to significant data exposure and compromise of internal network security.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unusual HTTP requests originating from the Soft Serve server to internal or private IP addresses, especially triggered by authenticated SSH users running the `repo import` command with a crafted `--lfs-endpoint` URL.

Specifically, detection involves looking for outbound HTTP POST requests to unexpected internal metadata endpoints or internal services, which may indicate exploitation attempts.

Suggested commands to detect potential exploitation include:

  • Using network monitoring tools (e.g., tcpdump or Wireshark) to capture outbound HTTP traffic from the Soft Serve server to internal IP ranges (e.g., 169.254.169.254 or other private IPs). Example: `tcpdump -i eth0 host 169.254.169.254`
  • Checking SSH command logs or audit logs for usage of the `repo import` command with the `--lfs-endpoint` parameter.
  • Searching Git repository configurations for suspicious `lfs.url` entries that point to internal or attacker-controlled endpoints.
  • Using HTTP proxy logs or server logs to identify unexpected LFS batch requests (`/objects/batch`) to internal or unusual URLs.
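
As an added illustration of the log-based checks listed in the answer above (this is not part of the original page and not Soft Serve's own code), the following Go program scans constructed sample audit and proxy log lines for two signals: `repo import` commands that carry `--lfs-endpoint`, and outbound requests whose destination host is a loopback, private, link-local or unspecified IP literal. The log format, the field names (`cmd=`, `url=`) and the sample lines are assumptions; a real deployment has to adapt the regexes to its own log layout. Hostnames are not resolved, so an endpoint whose hostname resolves to an internal address is not caught by this offline check.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"regexp"
	"strings"
)

// Finding is one suspicious event extracted from a log line.
type Finding struct {
	Line   string
	Reason string
}

// Constructed sample log lines (assumed format, not real Soft Serve or proxy output):
// SSH command audit records and outbound HTTP proxy records as seen from the server.
var sampleLogs = []string{
	`2026-03-08T10:01:02Z ssh user=alice cmd="repo create demo"`,
	`2026-03-08T10:02:10Z ssh user=bob cmd="repo import mirror https://git.example.org/x.git --lfs-endpoint http://169.254.169.254/latest/meta-data/"`,
	`2026-03-08T10:02:11Z proxy src=softserve method=POST url=http://169.254.169.254/objects/batch status=404`,
	`2026-03-08T10:02:12Z proxy src=softserve method=POST url=https://lfs.example.org/objects/batch status=200`,
	`2026-03-08T10:03:00Z proxy src=softserve method=GET url=http://10.0.0.5:8500/v1/kv/secret status=200`,
}

var (
	lfsFlagRe  = regexp.MustCompile(`--lfs-endpoint[= ]+(\S+)`)
	urlFieldRe = regexp.MustCompile(`\burl=(\S+)`)
)

// isInternalURL reports whether the URL's host is an IP literal in a range the
// server should never be asked to contact on a user's behalf. Hostnames are not
// resolved here, so this offline check only catches literal addresses.
func isInternalURL(raw string) bool {
	u, err := url.Parse(strings.Trim(raw, `"'`))
	if err != nil {
		return false
	}
	ip := net.ParseIP(u.Hostname())
	if ip == nil {
		return false
	}
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsUnspecified()
}

// Scan applies both checks: every `repo import` that sets --lfs-endpoint is reported
// (and marked when the endpoint is an internal literal), and every outbound request
// whose destination is an internal address is reported.
func Scan(lines []string) []Finding {
	var out []Finding
	for _, ln := range lines {
		if strings.Contains(ln, "repo import") {
			if m := lfsFlagRe.FindStringSubmatch(ln); m != nil {
				reason := "repo import with --lfs-endpoint " + strings.Trim(m[1], `"'`)
				if isInternalURL(m[1]) {
					reason += " (internal address)"
				}
				out = append(out, Finding{Line: ln, Reason: reason})
			}
			continue
		}
		if m := urlFieldRe.FindStringSubmatch(ln); m != nil && isInternalURL(m[1]) {
			out = append(out, Finding{Line: ln, Reason: "outbound request to internal address " + m[1]})
		}
	}
	return out
}

func main() {
	for _, f := range Scan(sampleLogs) {
		fmt.Printf("ALERT: %s\n  %s\n", f.Reason, f.Line)
	}
}
```

Run against the constructed sample, the scanner raises three alerts: the import command itself, the batch request to the metadata address, and the later GET to a private host. Any `repo import` with `--lfs-endpoint` is reported even when the endpoint looks public, because the blind first request can be followed by download URLs that point elsewhere, so the command is worth a look regardless of the endpoint's host.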

What immediate steps should I take to mitigate this vulnerability?

The immediate and recommended mitigation step is to upgrade Soft Serve to version 0.11.4 or later, where the SSRF vulnerability in the LFS endpoint handling has been patched.

This update includes enhanced SSRF protections such as validation of the LFS endpoint URL, use of a secure HTTP client that blocks redirects and validates IP addresses before dialing, and improved DNS resolution checks to prevent requests to internal or private IP addresses.

Until the upgrade is applied, consider restricting SSH user permissions to trusted users only, monitoring for suspicious `repo import` commands with `--lfs-endpoint`, and auditing repository configurations for malicious LFS URLs.

Additionally, review and limit network access from the Soft Serve server to internal services to reduce the impact of potential SSRF exploitation.
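
To show the kind of protection the answer above describes, here is an added Go example written for this page; it is not Soft Serve's actual patch code, which is not reproduced here. It builds an outbound HTTP client that validates a user-supplied endpoint URL (scheme, host, no embedded credentials), rejects hosts that are or resolve to private, loopback, link-local or unspecified addresses, re-checks the resolved address in the dialer's `Control` hook immediately before connecting so that a DNS answer changing between validation and dial is still blocked, and refuses to follow redirects. The function names, the `resolver` type and the fake resolver table in `main` are assumptions constructed for the demonstration; in production the lookup argument would be `net.DefaultResolver.LookupIPAddr`.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"syscall"
	"time"
)

var errInternalAddr = errors.New("destination is a private, loopback or link-local address")

// isForbiddenIP reports whether the server must never connect to ip on a user's behalf.
func isForbiddenIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsMulticast() || ip.IsUnspecified()
}

// resolver matches (*net.Resolver).LookupIPAddr, so production code can pass
// net.DefaultResolver.LookupIPAddr while a demo or test passes a fixed table.
type resolver func(ctx context.Context, host string) ([]net.IPAddr, error)

// ValidateEndpoint accepts only http(s) URLs with a host and no embedded credentials,
// and rejects hosts that are, or resolve to, a forbidden address.
func ValidateEndpoint(ctx context.Context, raw string, lookup resolver) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("unsupported scheme %q", u.Scheme)
	}
	if u.User != nil {
		return nil, errors.New("credentials in endpoint URL are not allowed")
	}
	host := u.Hostname()
	if host == "" {
		return nil, errors.New("endpoint URL has no host")
	}
	if ip := net.ParseIP(host); ip != nil { // IP literal: check it directly
		if isForbiddenIP(ip) {
			return nil, errInternalAddr
		}
		return u, nil
	}
	addrs, err := lookup(ctx, host) // hostname: every resolved address must be allowed
	if err != nil || len(addrs) == 0 {
		return nil, fmt.Errorf("cannot resolve %q: %v", host, err)
	}
	for _, a := range addrs {
		if isForbiddenIP(a.IP) {
			return nil, errInternalAddr
		}
	}
	return u, nil
}

// safeControl runs just before connect() on the address the dialer actually resolved,
// so a DNS answer that changes between validation and dial (rebinding) is still blocked.
func safeControl(network, address string, _ syscall.RawConn) error {
	host, _, err := net.SplitHostPort(address)
	if err != nil {
		return err
	}
	ip := net.ParseIP(host)
	if ip == nil || isForbiddenIP(ip) {
		return errInternalAddr
	}
	return nil
}

// NewSafeClient returns an http.Client that never follows redirects (a public endpoint
// could otherwise bounce the server to an internal one) and never dials a forbidden
// address. Proxy is nil so an environment proxy cannot bypass the dial-time check.
func NewSafeClient() *http.Client {
	dialer := &net.Dialer{Timeout: 10 * time.Second, Control: safeControl}
	return &http.Client{
		Timeout:   30 * time.Second,
		Transport: &http.Transport{DialContext: dialer.DialContext, Proxy: nil},
		CheckRedirect: func(*http.Request, []*http.Request) error {
			return errors.New("redirects are not followed for LFS endpoints")
		},
	}
}

func main() {
	// Constructed resolver table for the demonstration; no real DNS is consulted.
	table := map[string]string{"lfs.example.org": "203.0.113.10", "internal.example.org": "10.0.0.5"}
	fake := func(_ context.Context, host string) ([]net.IPAddr, error) {
		if ip, ok := table[host]; ok {
			return []net.IPAddr{{IP: net.ParseIP(ip)}}, nil
		}
		return nil, errors.New("no such host")
	}
	for _, raw := range []string{"https://lfs.example.org/info/lfs", "https://internal.example.org/info/lfs", "http://169.254.169.254/latest/meta-data/"} {
		_, err := ValidateEndpoint(context.Background(), raw, fake)
		fmt.Printf("%-42s -> %v\n", raw, err)
	}
}
```

The two-layer design matters: `ValidateEndpoint` gives the user an immediate, explicit error for an obviously bad endpoint, while `safeControl` is the check that actually holds, because it sees the address the socket is about to connect to rather than an earlier DNS answer. Disabling redirects closes the remaining gap in which a permitted public endpoint answers with a 3xx to an internal address.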

