Critical severityNVD Advisory· Published Oct 24, 2022· Updated May 7, 2025
CVE-2022-38580
CVE-2022-38580
Description
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/zalando/skipperGo | < 0.13.237 | 0.13.237 |
Affected products
2Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-f2rj-m42r-6jm2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-38580ghsaADVISORY
- packetstormsecurity.com/files/171546/X-Skipper-Proxy-0.13.237-Server-Side-Request-Forgery.htmlghsaWEB
- skipper.comghsaWEB
- zalando.comghsaWEB
- gist.github.com/Fadavvi/9fffcfa4aaa9e25b77cfe7b3044b2857ghsaWEB
- github.com/zalando/skipper/commit/842634347da8fe77e396f66edea79d329fd72130ghsaWEB
- github.com/zalando/skipper/pull/2058ghsaWEB
- github.com/zalando/skipper/releases/tag/v0.13.237ghsaWEB
- github.com/zalando/skipper/security/advisories/GHSA-f2rj-m42r-6jm2ghsaWEB
- pastebin.com/dXxpgPAKghsaWEB
- pkg.go.dev/vuln/GO-2022-1086ghsaWEB
News mentions
0No linked articles in our index yet.