Vulnerability Report: GO-2025-3770
- GHSA-vrw8-fxc6-2r93
- Affects: github.com/go-chi/chi/v5
- Published: Jul 21, 2025
- Modified: Nov 20, 2025
Host header injection which leads to open redirect in RedirectSlashes in github.com/go-chi/chi
For detailed information about this vulnerability, visit https://github.com/go-chi/chi/security/advisories/GHSA-vrw8-fxc6-2r93.
Affected Modules
-
PathGo Versions
-
from v5.2.1 before v5.2.2
Aliases
References
- https://github.com/go-chi/chi/security/advisories/GHSA-vrw8-fxc6-2r93
- https://github.com/go-chi/chi/commit/1be7ad938cc9c5b39a9dea01a5c518848928ab65
- https://vuln.go.dev/ID/GO-2025-3770.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.