soft-serve vulnerable to arbitrary code execution by crafting git-lfs requests in github.com/charmbracelet/soft-serve
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-3019" }