Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/171546/X-Skipper-Proxy-0.13.237-Server-Side-Request-Forgery.html | |
http://skipper.com | Not Applicable |
http://zalando.com | Vendor Advisory |
https://gist.github.com/Fadavvi/9fffcfa4aaa9e25b77cfe7b3044b2857#file-cve-2022-38580 | Third Party Advisory |
https://pastebin.com/dXxpgPAK | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-24T00:00:00
Updated: 2023-03-28T00:00:00
Reserved: 2022-08-22T00:00:00
Link: CVE-2022-38580
JSON object: View
NVD Information
Status : Modified
Published: 2022-10-25T17:15:55.730
Modified: 2023-03-28T17:15:11.820
Link: CVE-2022-38580
JSON object: View
Redhat Information
No data.
CWE