{"id":"CVE-2025-4673","details":"Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.","aliases":["BIT-golang-2025-4673","GO-2025-3751"],"modified":"2026-04-16T04:33:02.079089841Z","published":"2025-06-11T17:15:42Z","related":["ALSA-2025:10672","ALSA-2025:10676","ALSA-2025:10677","ALSA-2025:15887","ALSA-2025:16432","CGA-r7wp-pwcp-2fxh","SUSE-SU-2025:01846-1","SUSE-SU-2025:01848-1","SUSE-SU-2025:02120-1","SUSE-SU-2025:03158-1","SUSE-SU-2025:03159-1","openSUSE-SU-2025:15223-1","openSUSE-SU-2025:15224-1","openSUSE-SU-2025:15225-1"],"references":[{"type":"WEB","url":"https://go.dev/cl/679257"},{"type":"WEB","url":"https://go.dev/issue/73816"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"},{"type":"WEB","url":"https://pkg.go.dev/vuln/GO-2025-3751"}],"schema_version":"1.7.5"}