KrakenD CE 2.13.7 and EE 2.13.5 update released
by Jorge Tarrero
This patch release of KrakenD Community Edition and Enterprise Edition upgrades Go to 1.25.11 to address several disclosed CVEs. Check our security advisories page for more details:
🚀 Summary of changes for EEv2.13.5 (patch)
Recommended security upgrade addressing several vulnerabilities by the Go team
- Upgraded Go to 1.25.11, addressing several CVEs with disclosed descriptions:
- CVE-2026-42504
mime: quadratic complexity in WordDecoder.DecodeHeader - CVE-2026-42507
net/textproto: arbitrary input are included in errors without any escaping - CVE-2026-27145
crypto/x509: split candidate hostname only once
- CVE-2026-42504
Upgrading to the latest version is always advised.
🚀 Summary of changes for CEv2.13.7 (patch)
Recommended security upgrade addressing several vulnerabilities by the Go team
- Upgraded Go to 1.25.11, addressing several CVEs with disclosed descriptions:
- CVE-2026-42504
mime: quadratic complexity in WordDecoder.DecodeHeader - CVE-2026-42507
net/textproto: arbitrary input are included in errors without any escaping - CVE-2026-27145
crypto/x509: split candidate hostname only once
- CVE-2026-42504
Upgrading to the latest version is always advised.
Categories:
Product UpdatesSecurity