{"id":"CVE-2025-22870","details":"Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.","aliases":["GHSA-qxp5-gwg8-xv66","GO-2025-3503"],"modified":"2026-04-16T04:32:40.552306289Z","published":"2025-03-12T19:15:38Z","related":["CGA-cfr8-97rg-xjpc","SUSE-SU-2025:01731-1","SUSE-SU-2025:01985-1","SUSE-SU-2025:01987-1","SUSE-SU-2025:01988-1","SUSE-SU-2025:01989-1","SUSE-SU-2025:01990-1","SUSE-SU-2025:01991-1","SUSE-SU-2025:01992-1","SUSE-SU-2025:02014-1","SUSE-SU-2025:03159-1","SUSE-SU-2025:0802-1","SUSE-SU-2025:0803-1","SUSE-SU-2025:0866-1","SUSE-SU-2025:0873-1","SUSE-SU-2025:0980-1","SUSE-SU-2025:1007-1","SUSE-SU-2025:1055-1","SUSE-SU-2025:1094-1","SUSE-SU-2025:1333-1","SUSE-SU-2025:20179-1","SUSE-SU-2025:20184-1","SUSE-SU-2025:20196-1","SUSE-SU-2025:20210-1","SUSE-SU-2025:20278-1","SUSE-SU-2025:20328-1","SUSE-SU-2025:20373-1","SUSE-SU-2025:20504-1","SUSE-SU-2025:20515-1","SUSE-SU-2026:0439-1","SUSE-SU-2026:0592-1","openSUSE-SU-2025:14855-1","openSUSE-SU-2025:14856-1","openSUSE-SU-2025:14863-1","openSUSE-SU-2025:14867-1","openSUSE-SU-2025:14889-1","openSUSE-SU-2025:14906-1","openSUSE-SU-2025:14909-1","openSUSE-SU-2025:14918-1","openSUSE-SU-2025:14988-1","openSUSE-SU-2025:15041-1","openSUSE-SU-2025:15054-1","openSUSE-SU-2025:15145-1","openSUSE-SU-2025:15162-1","openSUSE-SU-2025:15178-1","openSUSE-SU-2025:15253-1","openSUSE-SU-2025:15487-1","openSUSE-SU-2025:15779-1","openSUSE-SU-2025:20177-1","openSUSE-SU-2026:10230-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20250509-0007/"},{"type":"WEB","url":"https://go.dev/cl/654697"},{"type":"WEB","url":"https://go.dev/issue/71984"},{"type":"WEB","url":"https://pkg.go.dev/vuln/GO-2025-3503"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/03/07/2"}],"schema_version":"1.7.5"}