6 matches found
X-Skipper-Proxy v0.13.237 - Server Side Request Forgery Vulnerability
Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580 Summary: Skipper...
X-Skipper-Proxy 0.13.237 Server-Side Request Forgery
Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Date: 24/10/2022 Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580...
CVE-2022-38580
creationtimestamp| type| source ---|---|--- 2022-10-25 20:27:01+00:00| seen| https://t.me/cibsecurity/52032...
CVE-2022-38580
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery SSRF...
CVE-2022-38580
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery SSRF...
CVE-2022-38580
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF) via the X-Skipper-Proxy header. Multiple sources (Red Hat, OSV, ExploitDB, GHSA advisory) describe an SSRF condition allowing an attacker to access internal endpoints (e.g., AWS metadata) by sending requests with a craf...