Skip to content

x/vulndb: potential Go vuln in golang.org/x/net/http/httpproxy: CVE-2025-22870 #3503

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
alexandrevicenzi opened this issue Mar 6, 2025 · 1 comment
Closed

x/vulndb: potential Go vuln in golang.org/x/net/http/httpproxy: CVE-2025-22870 #3503

alexandrevicenzi opened this issue Mar 6, 2025 · 1 comment
Assignees
@thatnealpatel
Labels
Direct External Report first party triaged

Comments

@alexandrevicenzi
Copy link

CVE ID

CVE-2025-22870

GHSA ID

No response

Additional information

This CVE is reserved, but a fix is already in place.

References:

https://go.dev/issue/71984
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-22870
golang/go#71984
golang/go@334de79
golang/go@25177ec
@thatnealpatel thatnealpatel self-assigned this Mar 10, 2025
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/657195 mentions this issue: data/reports: add GO-2025-3503

gopherbot pushed a commit that referenced this issue Mar 12, 2025
@thatnealpatel @gopherbot
data/reports: add GO-2025-3503
46851c8 
  - data/reports/GO-2025-3503.yaml

Updates #3503

Change-Id: I08801f28887e5f6e6d878b9411fb6a7f65f5c3ef
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/657195
Reviewed-by: Damien Neil <dneil@google.com>
Commit-Queue: Neal Patel <nealpatel@google.com>
Auto-Submit: Neal Patel <nealpatel@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
@thatnealpatel thatnealpatel mentioned this issue Mar 13, 2025
Closed
@GoVulnBot GoVulnBot mentioned this issue Apr 16, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thatnealpatel thatnealpatel

Labels
Direct External Report first party triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alexandrevicenzi @gopherbot @thatnealpatel