CVE-2025-22873

Golang

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-22873 refers to a vulnerability in the tokenizer that incorrectly interprets tags. Specifically, it affects tags with unquoted attribute values ending with a solidus character (/). This can lead to the tags being incorrectly marked as self-closing. When using the Parse functions, content following such tags might be placed in the wrong scope during DOM construction. However, this only occurs when the tags are in foreign content contexts such as `<math>` or `<svg>`.

Description
-

Social media

Hype score
Not currently trending

  1. ⚠️ Urgent #Fedora 41 Update! Gum 0.16.1 fixes CVE-2025-22873—a major security flaw. Patch now: Read more: 👉 https://t.co/kCqUdoNLYS #LinuxSecurity #DevOps https://t.co/a87jpRcmkv

    @Cezar_H_Linux

    29 Jun 2025

    52 Impressions

    1 Retweet

    2 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  2. 🥳 Go 1.24.3 and 1.23.9 are released! 🔒 Security: Includes a security fix for os (CVE-2025-22873). 📢 Announcement: https://t.co/NSlb8YpByl 📦 Download: https://t.co/kdscQdOrVL #golang https://t.co/DCpPjhDopW

    @golang

    6 May 2025

    23298 Impressions

    123 Retweets

    530 Likes

    26 Bookmarks

    3 Replies

    6 Quotes

References

Sources include official advisories and independent security research.