{"uuid": "a9b3d00e-96dc-4ca3-851e-848e49542933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22870", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15838", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22870\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.\n\ud83d\udccf Published: 2025-03-12T18:27:59.376Z\n\ud83d\udccf Modified: 2025-05-09T20:03:37.043Z\n\ud83d\udd17 References:\n1. https://go.dev/cl/654697\n2. https://go.dev/issue/71984\n3. https://pkg.go.dev/vuln/GO-2025-3503", "creation_timestamp": "2025-05-09T20:26:14.000000Z"}