GO-2025-4179
- Source
- https://pkg.go.dev/vuln/GO-2025-4179
- Import Source
- https://vuln.go.dev/ID/GO-2025-4179.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2025-4179
- Aliases
- Published
- 2025-12-08T21:31:36Z
- Modified
- 2026-03-03T04:57:44.397256Z
- Summary
- Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode in github.com/docker/mcp-gateway
- Details
-
Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode in github.com/docker/mcp-gateway
- Database specific
{ "url": "https://pkg.go.dev/vuln/GO-2025-4179", "review_status": "UNREVIEWED" }- References
-
- https://github.com/docker/mcp-gateway/security/advisories/GHSA-46gc-mwh4-cc5r
- https://nvd.nist.gov/vuln/detail/CVE-2025-64443
- https://github.com/docker/mcp-gateway/commit/6b076b2479d8d1345c50c112119c62978d46858e
- https://github.com/docker/mcp-gateway/commit/fe073985c8eb6e0c9317d2f198c07686f70ea06d
- https://github.com/docker/mcp-gateway/pull/190
- https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#security-warning
Affected packages
Go / github.com/docker/mcp-gateway
Package
- Name
- github.com/docker/mcp-gateway
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/docker/mcp-gateway