CVE-2026-50197 in skipper
Summary
by MITRE • 07/17/2026
Skipper is an HTTP router and reverse proxy for service composition. Prior to 0.26.10, zalando/skipper's OpenPolicyAgent integration silently bypasses request-body inspection on HTTP/1.1 Transfer-Encoding: chunked and HTTP/2 requests that omit the content-length pseudo-header, because the opaAuthorizeRequestWithBody filter and OpenPolicyAgentInstance.ExtractHttpBodyOptionally in filters/openpolicyagent/openpolicyagent.go produce an empty raw_body and input.parsed_body while the upstream service receives the full attacker-controlled body. This issue is fixed in version 0.26.10.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 07/17/2026
The vulnerability in Skipper versions prior to 0.26.10 represents a critical authorization bypass flaw within the OpenPolicyAgent integration that fundamentally undermines the security of HTTP request processing. This issue specifically affects how the system handles chunked transfer encoding and HTTP/2 requests where the content-length header is omitted, creating a dangerous gap in request body inspection capabilities.
The technical root cause lies in the opaAuthorizeRequestWithBody filter implementation within the OpenPolicyAgent integration module. When processing HTTP/1.1 requests with Transfer-Encoding: chunked or HTTP/2 requests without the content-length pseudo-header, the system fails to properly extract and forward the complete request body to the OpenPolicyAgent for authorization evaluation. The filters/openpolicyagent/openpolicyagent.go file contains logic that produces empty raw_body and input.parsed_body values during this specific processing path, effectively rendering the authorization policies ineffective against malicious payloads.
This flaw creates a significant operational impact by allowing attackers to bypass security controls that should validate request contents before forwarding to upstream services. The system silently ignores the attacker-controlled body content, meaning that even if strict authorization policies are configured to reject certain payload patterns or content types, these protections become ineffective. The upstream service receives the full malicious request body while the authorization layer operates on empty body data, creating a dangerous discrepancy between what is authorized and what is actually processed.
The vulnerability manifests through the specific combination of HTTP/1.1 chunked transfer encoding and HTTP/2 protocol handling where content-length headers are absent, making it particularly insidious as it affects modern HTTP implementations commonly used in cloud-native environments. This issue directly relates to CWE-284 (Improper Access Control) and aligns with ATT&CK technique T1078 (Valid Accounts) through potential privilege escalation via bypassed authorization checks. The flaw represents a classic case of incomplete input validation where the system fails to properly normalize request data before processing, creating an authorization bypass that could allow malicious actors to circumvent security controls.
Organizations using Skipper versions before 0.26.10 should immediately implement mitigations including upgrading to version 0.26.10 or later, implementing additional runtime monitoring for unauthorized access patterns, and potentially adding redundant authorization layers. The fix addresses the core extraction logic to properly handle chunked requests and HTTP/2 scenarios, ensuring that request bodies are consistently processed regardless of transfer encoding method or header presence. Security teams should also review existing OpenPolicyAgent policies to ensure they account for potential bypass scenarios and consider implementing additional logging and auditing measures around authorization decisions to detect any anomalous behavior that might indicate exploitation attempts.