CVE-2025-22870 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is se…
Medium CVSS: 4.4

CVE-2025-22870

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
Vendor
-
Product
-
CWE
CWE-115
Yayın Tarihi
2025-03-12 19:15:38
Güncelleme
2025-05-09 20:15:38
Source Identifier
security@golang.org
KEV Date Added
-

Kategoriler

CWE-115 MEDIUM 2025

Referanslar

https://go.dev/cl/654697 https://go.dev/issue/71984 https://pkg.go.dev/vuln/GO-2025-3503 http://www.openwall.com/lists/oss-security/2025/03/07/2 https://security.netapp.com/advisory/ntap-20250509-0007/