An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows attackers to execute arbitrary code via a crafted file.
9.8CVSS
9.5AI Score
0.003EPSS
In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request.
7.5CVSS
7.4AI Score
0.001EPSS
9.8CVSS
9.3AI Score
0.026EPSS