CVE-2025-22873

Golang

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-22873 refers to a vulnerability in the tokenizer that incorrectly interprets tags. Specifically, it affects tags with unquoted attribute values ending with a solidus character (/). This can lead to the tags being incorrectly marked as self-closing. When using the Parse functions, content following such tags might be placed in the wrong scope during DOM construction. However, this only occurs when the tags are in foreign content contexts such as `<math>` or `<svg>`.

Description
-

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

38

  1. šŸ„³ Go 1.24.3 and 1.23.9 are released! šŸ”’ Security: Includes a security fix for os (CVE-2025-22873). šŸ“¢ Announcement: https://t.co/NSlb8YpByl šŸ“¦ Download: https://t.co/kdscQdOrVL #golang https://t.co/DCpPjhDopW

    @golang

    6 May 2025

    23298 Impressions

    123 Retweets

    530 Likes

    26 Bookmarks

    3 Replies

    6 Quotes

References

Sources include official advisories and independent security research.