CVE Vulnerabilities

CVE-2025-4673

Published: Jun 11, 2025 | Modified: Jun 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
6.8 MODERATE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Ubuntu
MEDIUM

Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.

Affected Software

Name Vendor Start Version End Version
Red Hat Enterprise Linux 10 RedHat golang-0:1.24.4-1.el10_0 *
Red Hat Enterprise Linux 8 RedHat go-toolset:rhel8-8100020250705224704.a3795dee *
Red Hat Enterprise Linux 9 RedHat golang-0:1.24.4-1.el9_6 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/opentelemetry-collector-rhel8:sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/opentelemetry-rhel8-operator:sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8:sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8:sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/tempo-gateway-rhel8:sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8:sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/tempo-query-rhel8:sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/tempo-rhel8:sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675 *
Red Hat OpenShift distributed tracing 3.6.1 RedHat registry.redhat.io/rhosdt/tempo-rhel8-operator:sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0 *
Golang-1.22 Ubuntu jammy *
Golang-1.22 Ubuntu noble *
Golang-1.22 Ubuntu oracular *
Golang-1.23 Ubuntu oracular *

References