Lucene search
K

6 matches found

0day.today
0day.today
added 2023/03/28 12:0 a.m.262 views

X-Skipper-Proxy v0.13.237 - Server Side Request Forgery Vulnerability

Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580 Summary: Skipper...

9.8CVSS9.6AI score0.10573EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/03/28 12:0 a.m.256 views

X-Skipper-Proxy 0.13.237 Server-Side Request Forgery

Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Date: 24/10/2022 Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580...

9.8CVSS9.4AI score0.10573EPSS
Exploits3
Circl
Circl
added 2022/10/25 8:27 p.m.5 views

CVE-2022-38580

creationtimestamp| type| source ---|---|--- 2022-10-25 20:27:01+00:00| seen| https://t.me/cibsecurity/52032...

9.8CVSS8.7AI score0.10573EPSS
Exploits3References1
NVD
NVD
added 2022/10/25 5:15 p.m.51 views

CVE-2022-38580

Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery SSRF...

9.8CVSS0.10573EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2022/10/24 12:0 a.m.7 views

CVE-2022-38580

Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery SSRF...

9.5AI score0.10573EPSS
Exploits3References3
CVE
CVE
added 2022/10/24 12:0 a.m.109 views

CVE-2022-38580

Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF) via the X-Skipper-Proxy header. Multiple sources (Red Hat, OSV, ExploitDB, GHSA advisory) describe an SSRF condition allowing an attacker to access internal endpoints (e.g., AWS metadata) by sending requests with a craf...

9.8CVSS9.3AI score0.10573EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder