CVE-2025-4673 | Google Go up to 1.23.9/1.24.3 net-http Proxy-Authorization/Proxy-Authenticate cross-domain policy

Inserito da Angelo Barbosa | Giu 6, 2025 | CVE

A vulnerability was found in Google Go up to 1.23.9/1.24.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component net-http. The manipulation of the argument Proxy-Authorization/Proxy-Authenticate leads to permissive cross-domain policy with untrusted domains.

This vulnerability is handled as CVE-2025-4673. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-4673 | Google Go up to 1.23.9/1.24.3 net-http Proxy-Authorization/Proxy-Authenticate cross-domain policy

Post correlati

CVE-2024-1853 | Zemena AntiLogger 2.74.204.664 IOCTL zam64.sys unverified ownership

CVE-2023-49574 | Flexense VX Search Enterprise 10.2.14 /add_job job_name cross site scripting

CVE-2023-48427 | Siemens SINEC INS up to 1.0 SP2 Update 1 UMC Server certificate validation (ssa-077170)

CVE-2023-51034 | Totolink EX1200L 9.3.5u.6146_B20201023 cstecgi.cgi UploadFirmwareFile Privilege Escalation