VDB
CGA-4xgp-46w2-23wx
CGA-4xgp-46w2-23wx
REJECTED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chainguard | eks-distro-kubernetes-csi-external-snapshot-controller-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kube-proxy-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kubernetes-csi-external-provisioner-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kube-scheduler-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kubernetes-csi-livenessprobe-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-coredns-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kube-controller-manager-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kube-apiserver-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kubernetes-csi-node-driver-registrar-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kubernetes-csi-external-attacher-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kubernetes-csi-external-snapshotter-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-kubernetes-csi-external-resizer-fips-1.32 | 0, 0, 0 |
| Chainguard | eks-distro-fips-1.32 | 0, 0, 0 |
Exploit Intelligence
- Proof-of-concept for CVE-2025-22870 demonstrating HTTP proxy bypass in vulnerable versions (<0.36.0) of golang.org/x/net/http/httpproxy. Exploits improper IPv6 zone ID parsing to evade NO_PROXY restrictions, enabling proxy bypass and potential SSRF under misconfigured environments. (github-poc)
- CHANGELOG-v1.73.1.yml (github-poc)
- scan.openvex.json (github-poc)
Timeline
- Jan 28, 2026 CVE Rejected