CVE-2022-38580: Server-Side Request Forgery (SSRF)

October 25, 2022 (updated March 28, 2023)

Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).

References

skipper.com/
zalando.com/
gist.github.com/Fadavvi/9fffcfa4aaa9e25b77cfe7b3044b2857
nvd.nist.gov/vuln/detail/CVE-2022-38580
pastebin.com/dXxpgPAK

Code Behaviors & Features

Detect and mitigate CVE-2022-38580 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →