CVE-2025-22870

EUVD-2025-6690
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Debian logo
Debian Releases
Debian Product
Codename
golang-1.15
bullseye
postponed
golang-1.19
bookworm
no-dsa
golang-1.24
trixie
1.24.4-1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
amazon-ssm-agent
suse enterprise sap 12
3.3.1611.0-4.39.1
fixed
suse enterprise sap 12 SP3
3.3.1611.0-4.39.1
fixed
suse enterprise sap 12 SP4
3.3.1611.0-4.39.1
fixed
suse enterprise sap 12 SP5
3.3.1611.0-4.39.1
fixed
suse enterprise server 12
3.3.1611.0-4.39.1
fixed
suse enterprise server 12 SP3
3.3.1611.0-4.39.1
fixed
suse enterprise server 12 SP4
3.3.1611.0-4.39.1
fixed
suse enterprise server 12 SP5
3.3.1611.0-4.39.1
fixed
suse enterprise server 15 SP4
3.3.1611.0-150000.5.23.1
fixed
apptainer
suse enterprise server 15 SP6
1.4.5-150600.4.12.1
fixed
apptainer-sle15_6
suse enterprise server 15 SP6
1.4.5-150600.4.12.1
fixed
cosign
suse enterprise desktop 15 SP6
2.5.0-150400.3.27.1
fixed
suse enterprise desktop 15 SP7
2.5.0-150400.3.27.1
fixed
suse enterprise sap 15 SP6
2.5.0-150400.3.27.1
fixed
suse enterprise sap 15 SP7
2.5.0-150400.3.27.1
fixed
suse enterprise server 15 SP4
2.5.0-150400.3.27.1
fixed
suse enterprise server 15 SP5
2.5.0-150400.3.27.1
fixed
suse enterprise server 15 SP6
2.5.0-150400.3.27.1
fixed
suse enterprise server 15 SP7
2.5.0-150400.3.27.1
fixed
cosign-bash-completion
suse enterprise desktop 15 SP7
2.5.0-150400.3.27.1
fixed
suse enterprise sap 15 SP7
2.5.0-150400.3.27.1
fixed
suse enterprise server 15 SP7
2.5.0-150400.3.27.1
fixed
cosign-zsh-completion
suse enterprise desktop 15 SP7
2.5.0-150400.3.27.1
fixed
suse enterprise sap 15 SP7
2.5.0-150400.3.27.1
fixed
suse enterprise server 15 SP7
2.5.0-150400.3.27.1
fixed
golang-github-prometheus-node_exporter
suse enterprise desktop 15 SP6
1.9.1-150100.3.35.2
fixed
suse enterprise desktop 15 SP7
1.9.1-150100.3.35.2
fixed
suse enterprise sap 15 SP6
1.9.1-150100.3.35.2
fixed
suse enterprise sap 15 SP7
1.9.1-150100.3.35.2
fixed
suse enterprise server 12 SP5
1.9.1-1.36.2
fixed
suse enterprise server 15 SP3
1.9.1-150100.3.35.2
fixed
suse enterprise server 15 SP4
1.9.1-150100.3.35.2
fixed
suse enterprise server 15 SP5
1.9.1-150100.3.35.2
fixed
suse enterprise server 15 SP6
1.9.1-150100.3.35.2
fixed
suse enterprise server 15 SP7
1.9.1-150100.3.35.2
fixed
helm
suse enterprise desktop 15 SP7
3.17.2-150000.1.44.1
fixed
suse enterprise sap 15 SP6
3.17.2-150000.1.44.1
fixed
suse enterprise sap 15 SP7
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP4
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP6
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP7
3.17.2-150000.1.44.1
fixed
helm-bash-completion
suse enterprise sap 15 SP6
3.17.2-150000.1.44.1
fixed
suse enterprise sap 15 SP7
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP4
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP6
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP7
3.17.2-150000.1.44.1
fixed
helm-zsh-completion
suse enterprise sap 15 SP6
3.17.2-150000.1.44.1
fixed
suse enterprise sap 15 SP7
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP4
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP6
3.17.2-150000.1.44.1
fixed
suse enterprise server 15 SP7
3.17.2-150000.1.44.1
fixed
libsquashfuse0
suse enterprise server 15 SP6
0.5.0-150600.3.2.1
fixed
skopeo
suse enterprise desktop 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise desktop 15 SP7
1.14.4-150300.11.22.1
fixed
suse enterprise sap 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise sap 15 SP7
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP4
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP7
1.14.4-150300.11.22.1
fixed
skopeo-bash-completion
suse enterprise desktop 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise desktop 15 SP7
1.14.4-150300.11.22.1
fixed
suse enterprise sap 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise sap 15 SP7
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP7
1.14.4-150300.11.22.1
fixed
skopeo-zsh-completion
suse enterprise desktop 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise desktop 15 SP7
1.14.4-150300.11.22.1
fixed
suse enterprise sap 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise sap 15 SP7
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP6
1.14.4-150300.11.22.1
fixed
suse enterprise server 15 SP7
1.14.4-150300.11.22.1
fixed
squashfuse
suse enterprise server 15 SP6
0.5.0-150600.3.2.1
fixed
squashfuse-tools
suse enterprise server 15 SP6
0.5.0-150600.3.2.1
fixed
Common Weakness Enumeration
References
https://go.dev/cl/654697
https://go.dev/issue/71984
https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ
https://pkg.go.dev/vuln/GO-2025-3503
http://www.openwall.com/lists/oss-security/2025/03/07/2
https://security.netapp.com/advisory/ntap-20250509-0007/