x/vulndb: potential Go vuln in github.com/zalando/skipper: CVE-2022-34296

CVE-2022-34296 references [github.com/zalando/skipper](https://github.com/zalando/skipper), which may be a Go module.

Description:
In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request.

Links:
- NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-34296
- JSON: https://github.com/CVEProject/cvelist/tree/d015b1d2359d4a40204697a7ef10c0963270fcf9/2022/34xxx/CVE-2022-34296.json
- Imported by: https://pkg.go.dev/github.com/zalando/skipper?tab=importedby
- https://github.com/zalando/skipper/releases/tag/v0.13.218

See [doc/triage.md](https://github.com/golang/vulndb/blob/master/doc/triage.md) for instructions on how to triage this report.

```
packages:
  - module: github.com/zalando/skipper
    package: n/a
description: |
    In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request.
cves:
  - CVE-2022-34296
links:
    context:
      - https://github.com/zalando/skipper/releases/tag/v0.13.218

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

x/vulndb: potential Go vuln in github.com/zalando/skipper: CVE-2022-34296 #494

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

x/vulndb: potential Go vuln in github.com/zalando/skipper: CVE-2022-34296 #494

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions