VDB
MINI-j75q-vvf2-x25c
MINI-j75q-vvf2-x25c
PUBLISHED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| MinimOS | harbor-2.11 | 0, 0 |
| MinimOS | harbor-2.11-portal | 0, 0 |
| MinimOS | harbor-2.11-jobservice | 0, 0 |
| MinimOS | harbor-2.11-portal-nginx-config | 0, 0 |
| MinimOS | harbor-2.11-registryctl | 0, 0 |
Exploit Intelligence
- Proof-of-concept for CVE-2025-22870 demonstrating HTTP proxy bypass in vulnerable versions (<0.36.0) of golang.org/x/net/http/httpproxy. Exploits improper IPv6 zone ID parsing to evade NO_PROXY restrictions, enabling proxy bypass and potential SSRF under misconfigured environments. (github-poc)
- CHANGELOG-v1.73.1.yml (github-poc)
- scan.openvex.json (github-poc)
Timeline
- Jun 24, 2025 CVE Published
- Jun 24, 2025 CVE Updated