apk package
chainguard/go-1.24
pkg:apk/chainguard/go-1.24
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-4673 | Med | 6.8 | < 1.24.4-r0 | 1.24.4-r0 | Jun 11, 2025 | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | |
| CVE-2025-22874 | Hig | 7.5 | < 1.24.4-r0 | 1.24.4-r0 | Jun 11, 2025 | Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. |
- affected < 1.24.4-r0fixed 1.24.4-r0
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
- affected < 1.24.4-r0fixed 1.24.4-r0
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.