Sign In

CVE-2025-22870

ADVISORY - github

Summary

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.

EPSS Scoreโ : 0.00023 (0.053)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-115โ 

Misinterpretation of Input

ADVISORY - github

CWE-115โ 

Misinterpretation of Input

CWE-20โ 

Improper Input Validation

ADVISORY - gitlab

CWE-1035โ 

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-115โ 

Misinterpretation of Input

CWE-20โ 

Improper Input Validation

CWE-937โ 

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-20โ 

Improper Input Validation

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in