Zalando Skipper
2 CVEs affecting Zalando Skipper. Latest disclosed: 2026-01-26. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-23742 | High | 8.8 | 2026-01-16 | Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem… |
CVE-2026-24470 | High | 8.1 | 2026-01-26 | Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permiss… |