Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2025-22870 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software |
Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system skopeo-fish-completion Operating systems & Components / Operating system package or component skopeo-bash-completion Operating systems & Components / Operating system package or component skopeo-zsh-completion Operating systems & Components / Operating system package or component skopeo-debuginfo Operating systems & Components / Operating system package or component skopeo Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU106253
Risk: Medium
CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2025-22870
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to alter application's behavior.
The vulnerability exists due to insufficient validation of an IPv6 zone ID as a hostname component, when matching hosts against proxy patterns. For instance the NO_PROXY environment variable is set to "*.example.com", a request to
"[::1%25.example.com]:80` will incorrectly match and not be proxied. A remote attacker can alter application behavior and potentially gain access to sensitive information or functionality.
Update the affected package skopeo to the latest version.
Vulnerable software versionsBasesystem Module: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.3 - 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
SUSE Linux Enterprise Micro: 5.5
skopeo-fish-completion: before 1.14.4-150300.11.22.1
skopeo-bash-completion: before 1.14.4-150300.11.22.1
skopeo-zsh-completion: before 1.14.4-150300.11.22.1
skopeo-debuginfo: before 1.14.4-150300.11.22.1
skopeo: before 1.14.4-150300.11.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20251055-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.