{"id":"GO-2025-3770","summary":"Host header injection which leads to open redirect in RedirectSlashes in github.com/go-chi/chi","details":"Host header injection which leads to open redirect in RedirectSlashes in github.com/go-chi/chi","aliases":["GHSA-vrw8-fxc6-2r93"],"modified":"2026-02-04T03:23:17.805370Z","published":"2025-07-21T15:05:07Z","related":["CGA-pfh9-hhcg-hhh3"],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2025-3770","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/go-chi/chi/security/advisories/GHSA-vrw8-fxc6-2r93"},{"type":"FIX","url":"https://github.com/go-chi/chi/commit/1be7ad938cc9c5b39a9dea01a5c518848928ab65"}],"affected":[{"package":{"name":"github.com/go-chi/chi/v5","ecosystem":"Go","purl":"pkg:golang/github.com/go-chi/chi/v5"},"ranges":[{"type":"SEMVER","events":[{"introduced":"5.2.1"},{"fixed":"5.2.2"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3770.json"}}],"schema_version":"1.7.3"}