- Description
- Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
- Source
- security@golang.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.8
- Impact score
- 4
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
CVE-2025-4673 Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. https://t.co/PKDgvCiTNj
@CVEnew
11 Jun 2025
304 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐ URGENT: #openSUSE Leap 15.6 patches critical #GoLang vulnerabilities (CVE-2025-22874, CVE-2025-0913, CVE-2025-4673). ๐ Impacts: โ Certificate validation bypass โ HTTP header leaks โ Permission flaws Read more : ๐https://t.co/tD2CaU1AV8 https://t.co/GCarji7v1R
@Cezar_H_Linux
10 Jun 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Mageia9 patches 3 Golang CVEs: โ Proxy-Auth header leaks (CVE-2025-4673) โ Symlink handling flaws (CVE-2025-0913) โ x509 policy bypass (CVE-2025-22874) Read more: ๐ https://t.co/6AmFFJ5tkT #DevSecOps https://t.co/hzSlkXsB2B
@Cezar_H_Linux
10 Jun 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐ Go 1.24.4 and 1.23.10 are released! ๐ Security: Includes security fixes for CVE-2025-4673, CVE-2025-0913, and CVE-2025-22874 in net/http, os, and crypto/x509. ๐ฐ Announcement: https://t.co/C3AeYy8ZX8 ๐ฆ Download: https://t.co/5hObjouLtK #golang https://t.co/NyEeP3
@golang
5 Jun 2025
18043 Impressions
101 Retweets
443 Likes
26 Bookmarks
4 Replies
4 Quotes