Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-apff-aff9-eueq

Summary

HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.

Aliases

alias	CVE-2025-22870

alias	GHSA-qxp5-gwg8-xv66

Fixed_packages

url	pkg:apk/alpine/go@1.23.7-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=s390x&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=s390x&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=armhf&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=armhf&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=armv7&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=armv7&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=x86&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=x86&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=aarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.23.7-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/go@1.23.7-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.23.7-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/go@1.24.1-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/go@1.24.1-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.24.1-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/rclone@1.69.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.69.2-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:deb/debian/golang-1.24@1.24.1-1?distro=trixie
purl	pkg:deb/debian/golang-1.24@1.24.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.24@1.24.1-1%3Fdistro=trixie

url pkg:deb/debian/golang-1.24@1.24.4-1?distro=trixie

purl pkg:deb/debian/golang-1.24@1.24.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1aty-87pz-5yb8

vulnerability	VCID-254d-pjst-c7hx

vulnerability	VCID-3nqb-6mna-jyb4

vulnerability	VCID-5n8q-zcds-gyen

vulnerability	VCID-5q9b-a7c4-1yht

vulnerability	VCID-7n3z-vwk2-3ydr

vulnerability	VCID-9ky3-s2vk-cuge

vulnerability	VCID-br2f-7ux9-hkhg

vulnerability	VCID-bv1f-bee8-cbek

vulnerability	VCID-csmt-e61b-tued

vulnerability	VCID-dp1t-v58b-43du

vulnerability	VCID-dtt9-gmqf-nbaf

vulnerability	VCID-eyev-qpgs-hfbx

vulnerability	VCID-hay4-q9m3-ekdj

vulnerability	VCID-je6z-v5qw-ufew

vulnerability	VCID-mvsr-c2yh-mbdq

vulnerability	VCID-q9yj-ze4x-qyfr

vulnerability	VCID-rvbr-nser-sfe7

vulnerability	VCID-sb3w-x3yv-ffft

vulnerability	VCID-t2dr-6dz3-7qgt

vulnerability	VCID-usyf-s559-pkgx

vulnerability	VCID-wchc-as62-1fae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.24@1.24.4-1%3Fdistro=trixie

url	pkg:deb/debian/golang-1.24@1.24.13-2?distro=trixie
purl	pkg:deb/debian/golang-1.24@1.24.13-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.24@1.24.13-2%3Fdistro=trixie

url	pkg:golang/golang.org/x/net@0.36.0
purl	pkg:golang/golang.org/x/net@0.36.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/golang.org/x/net@0.36.0

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22870.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22870.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-22870

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06273
published_at	2026-04-18T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07105
published_at	2026-04-02T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07183
published_at	2026-04-08T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07129
published_at	2026-04-07T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07154
published_at	2026-04-04T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07211
published_at	2026-04-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07214
published_at	2026-04-09T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08644
published_at	2026-04-16T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09774
published_at	2026-04-13T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18892
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-22870

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22870
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22870

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://go.dev/cl/654697

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:31:16Z/

url

https://go.dev/cl/654697

reference_url

https://go.dev/issue/71984

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:31:16Z/

url

https://go.dev/issue/71984

reference_url

https://go-review.googlesource.com/q/project:net

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://go-review.googlesource.com/q/project:net

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-22870

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-22870

reference_url

https://pkg.go.dev/vuln/GO-2025-3503

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:31:16Z/

url

https://pkg.go.dev/vuln/GO-2025-3503

reference_url

https://security.netapp.com/advisory/ntap-20250509-0007

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250509-0007

reference_url

http://www.openwall.com/lists/oss-security/2025/03/07/2

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/03/07/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2351766
reference_id	2351766
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2351766

reference_url

https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ

reference_id

b42ImqrBAQAJ

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:31:16Z/

url

https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ

reference_url	https://access.redhat.com/errata/RHSA-2025:14090
reference_id	RHSA-2025:14090
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14090

reference_url	https://access.redhat.com/errata/RHSA-2025:7616
reference_id	RHSA-2025:7616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7616

reference_url	https://access.redhat.com/errata/RHSA-2026:6503
reference_id	RHSA-2026:6503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6503

reference_url	https://usn.ubuntu.com/7574-1/
reference_id	USN-7574-1
reference_type
scores
url	https://usn.ubuntu.com/7574-1/

Weaknesses

cwe_id	115
name	Misinterpretation of Input
description	The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apff-aff9-eueq

Vulnerability Instance