Security Bulletin: IBM Event Streams is vulnerable to proxy bypass

Summary IBM Event Streams is vulnerable to proxy bypass due to improper handling of IPv6 zoneID CVE-2025-22870 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPRO...

AZL-56046 CVE-2024-45341 affecting package golang for versions less than 1.18.8-5

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...