CVE-2026-39825
Public on 2026-05-07
Modified on 2026-05-08
Description
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query "a1=x&a2=x&...&a10000=x&hidden=y" can forward the parameter "hidden=y" while hiding it from the proxy's Rewrite function.
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | amazon-cloudwatch-agent | Pending Fix | ||
| Amazon Linux 2023 | amazon-cloudwatch-agent | 2026-05-26 | ALAS2023-2026-1747 | Fixed |
| Amazon Linux 2 - Docker Extra | amazon-ecr-credential-helper | 2026-05-26 | ALAS2DOCKER-2026-121 | Fixed |
| Amazon Linux 2 - Ecs Extra | amazon-ecr-credential-helper | 2026-05-26 | ALAS2ECS-2026-117 | Fixed |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | amazon-ecr-credential-helper | 2026-05-26 | ALAS2NITRO-ENCLAVES-2026-106 | Fixed |
| Amazon Linux 2023 | amazon-ecr-credential-helper | 2026-05-26 | ALAS2023-2026-1738 | Fixed |
| Amazon Linux 2 - Core | amazon-ssm-agent | Not Affected | ||
| Amazon Linux 2023 | amazon-ssm-agent | Not Affected | ||
| Amazon Linux 2 - Core | cni-plugins | Pending Fix | ||
| Amazon Linux 2023 | cni-plugins | Pending Fix | ||
| Amazon Linux 2 - Docker Extra | containerd | 2026-05-26 | ALAS2DOCKER-2026-120 | Fixed |
| Amazon Linux 2 - Ecs Extra | containerd | 2026-05-26 | ALAS2ECS-2026-116 | Fixed |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | containerd | 2026-05-26 | ALAS2NITRO-ENCLAVES-2026-105 | Fixed |
| Amazon Linux 2023 | containerd | 2026-05-26 | ALAS2023-2026-1737 | Fixed |
| Amazon Linux 2023 | credentials-fetcher | 2026-05-26 | ALAS2023-2026-1744 | Fixed |
| Amazon Linux 2 - Core | cri-tools | Pending Fix | ||
| Amazon Linux 2 - Docker Extra | docker | 2026-05-26 | ALAS2DOCKER-2026-119 | Fixed |
| Amazon Linux 2 - Ecs Extra | docker | 2026-05-26 | ALAS2ECS-2026-115 | Fixed |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | docker | 2026-05-26 | ALAS2NITRO-ENCLAVES-2026-104 | Fixed |
| Amazon Linux 2023 | docker | 2026-05-26 | ALAS2023-2026-1736 | Fixed |
| Amazon Linux 2 - Ecs Extra | ecs-init | Pending Fix | ||
| Amazon Linux 2023 | ecs-init | Pending Fix | ||
| Amazon Linux 2023 | git-lfs | Pending Fix | ||
| Amazon Linux 2 - Golang1.11 Extra | golang | No Fix Planned | ||
| Amazon Linux 2 - Golang1.19 Extra | golang | No Fix Planned | ||
| Amazon Linux 2 - Golang1.9 Extra | golang | No Fix Planned | ||
| Amazon Linux 2 - Core | golang | 2026-05-26 | ALAS2-2026-3313 | Fixed |
| Amazon Linux 2023 | golang | 2026-05-26 | ALAS2023-2026-1743 | Fixed |
| Amazon Linux 2023 | golang-github-burntsushi-toml | 2026-05-26 | ALAS2023-2026-1751 | Fixed |
| Amazon Linux 2023 | golang-github-burntsushi-toml-test | 2026-05-26 | ALAS2023-2026-1750 | Fixed |
| Amazon Linux 2023 | golang-github-cpuguy83-md2man | 2026-05-26 | ALAS2023-2026-1749 | Fixed |
| Amazon Linux 2 - Core | golist | 2026-05-26 | ALAS2-2026-3308 | Fixed |
| Amazon Linux 2023 | golist | 2026-05-26 | ALAS2023-2026-1742 | Fixed |
| Amazon Linux 2023 | libcap | Pending Fix | ||
| Amazon Linux 2 - Core | nerdctl | 2026-05-26 | ALAS2-2026-3319 | Fixed |
| Amazon Linux 2023 | nerdctl | 2026-05-26 | ALAS2023-2026-1735 | Fixed |
| Amazon Linux 2 - Docker Extra | oci-add-hooks | 2026-05-26 | ALAS2DOCKER-2026-122 | Fixed |
| Amazon Linux 2 - Ecs Extra | oci-add-hooks | 2026-05-26 | ALAS2ECS-2026-118 | Fixed |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | oci-add-hooks | 2026-05-26 | ALAS2NITRO-ENCLAVES-2026-107 | Fixed |
| Amazon Linux 2023 | oci-add-hooks | 2026-05-26 | ALAS2023-2026-1739 | Fixed |
| Amazon Linux 2 - Core | rclone | Pending Fix | ||
| Amazon Linux 2023 | rclone | Pending Fix | ||
| Amazon Linux 2 - Docker Extra | runc | 2026-05-26 | ALAS2DOCKER-2026-125 | Fixed |
| Amazon Linux 2 - Ecs Extra | runc | 2026-05-26 | ALAS2ECS-2026-119 | Fixed |
| Amazon Linux 2 - Aws-nitro-enclaves-cli Extra | runc | 2026-05-26 | ALAS2NITRO-ENCLAVES-2026-103 | Fixed |
| Amazon Linux 2023 | runc | 2026-05-26 | ALAS2023-2026-1715 | Fixed |
| Amazon Linux 2 - Docker Extra | runfinch-finch | 2026-05-26 | ALAS2DOCKER-2026-124 | Fixed |
| Amazon Linux 2023 | runfinch-finch | 2026-05-26 | ALAS2023-2026-1741 | Fixed |
| Amazon Linux 2 - Docker Extra | soci-snapshotter | 2026-05-26 | ALAS2DOCKER-2026-123 | Fixed |
| Amazon Linux 2023 | soci-snapshotter | 2026-05-26 | ALAS2023-2026-1740 | Fixed |
| Amazon Linux 2023 | yq | Pending Fix |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |