VDB
CGA-f334-mh93-v4hf
CGA-f334-mh93-v4hf
REJECTED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chainguard | kubernetes-pause-1.29 | 0, 0, 0 |
| Chainguard | kubeadm-1.29 | 0, 0, 0 |
| Chainguard | kubectl-bash-completion-1.29 | 0, 0, 0 |
| Chainguard | kubelet-1.29 | 0, 0, 0 |
| Chainguard | kubelet-1.29-default | 0, 0, 0 |
| Chainguard | kubernetes-1.29-default | 0, 0, 0 |
| Chainguard | kubernetes-1.29 | 0, 0, 0 |
| Chainguard | kube-scheduler-1.29 | 0, 0, 0 |
| Chainguard | kubernetes-pause-compat-1.29 | 0, 0, 0 |
| Chainguard | kube-controller-manager-1.29 | 0, 0, 0 |
| Chainguard | kube-controller-manager-1.29-default | 0, 0, 0 |
| Chainguard | kube-proxy-1.29-default | 0, 0, 0 |
| Chainguard | kubectl-1.29-bitnami-compat | 0, 0, 0 |
| Chainguard | kube-apiserver-1.29-default | 0, 0, 0 |
| Chainguard | kubectl-1.29-default | 0, 0, 0 |
| Chainguard | kube-proxy-1.29 | 0, 0, 0 |
| Chainguard | kube-scheduler-1.29-default | 0, 0, 0 |
| Chainguard | kubectl-1.29 | 0, 0, 0 |
| Chainguard | kube-proxy-1.29-default-compat | 0, 0, 0 |
| Chainguard | kubeadm-1.29-default | 0, 0, 0 |
…and 1 more
Exploit Intelligence
- Proof-of-concept for CVE-2025-22870 demonstrating HTTP proxy bypass in vulnerable versions (<0.36.0) of golang.org/x/net/http/httpproxy. Exploits improper IPv6 zone ID parsing to evade NO_PROXY restrictions, enabling proxy bypass and potential SSRF under misconfigured environments. (github-poc)
- CHANGELOG-v1.73.1.yml (github-poc)
- scan.openvex.json (github-poc)
Timeline
- Jan 28, 2026 CVE Rejected