Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2025/09/04 11:36 p.m.25 views

CVE-2025-58179

Astro exposes an SSRF flaw in versions 11.0.3–12.6.5 when using the Cloudflare adapter with output: 'server' and the default imageService: 'compile'. The image optimization endpoint does not validate received URLs, enabling content from unauthorized third-party domains to be served. Root cause: a...

7.2CVSS6.2AI score0.00376EPSS
In wildExploits1References2Affected Software1
OSV
OSVadded 2025/09/04 11:36 p.m.2 views

CVE-2025-58179 Astro Cloudflare adapter is vulnerable to Server-Side Request Forgery via /_image endpoint

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URL...

7.2CVSS6.4AI score0.00376EPSS
Exploits1References4
Rows per page
Query Builder