CVE-2025-22870 – Apache Proxy IPv6 Hostname Matching Vulnerability

March 12, 2025
9:17 pm

CVE ID : CVE-2025-22870

Published : March 12, 2025, 7:15 p.m. | 1 hour, 40 minutes ago

Description : Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to “*.example.com”, a request to “[::1%25.example.com]:80` will incorrectly match and not be proxied.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-22870 – Apache Proxy IPv6 Hostname Matching Vulnerability

Elvescore.io

Recent Posts

CVE-2025-0114 – Palo Alto Networks PAN-OS GlobalProtect Denial of Service Vulnerability

CVE-2025-0115 – Palo Alto Networks PAN-OS CLI File Disclosure Vulnerability

CVE-2025-0116 – Palo Alto Networks PAN-OS LLDP Frame Denial of Service

CVE-2025-0117 – Pulse Secure GlobalProtect Windows Privilege Escalation Vulnerability

CVE-2025-0118 – Palo Alto Networks GlobalProtect Windows ActiveX RCE

CVE-2025-22870 – Apache Proxy IPv6 Hostname Matching Vulnerability

CVE-2025-22870 – Apache Proxy IPv6 Hostname Matching Vulnerability

CVE-2025-22870 – Apache Proxy IPv6 Hostname Matching Vulnerability