10 matches found

vulnersOsv · added 2025/08/05 1:42 a.m. · 2 views

netlify (=22.3.0), netlify-cli (>=22.2.2-pre.dd189fc <=22.3.0-pre.81558e5) potentially affected by CVE-2025-54387 via ipx (=3.0.3)

ipx NPM version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on ipx and may be impacted:
- netlify =22.3.0
- netlify-cli =22.2.2-pre.dd189fc, =22.3.0-pre.81558e5
Source cves: CVE-2025-54387 Source advisory: SNYK:JS-IPX-11483961...

CVSS 9.8 · AI score 5.8 · EPSS 0.00971 · Exploits: 1
vulnersOsv · added 2025/08/05 1:42 a.m. · 2 views

@cssninja/nuxt-media-viewer (>=0.0.1 <=0.0.15), @enab/uipkg (>=0.0.2-beta.0 <=0.0.2-beta.23) +4 more potentially affected by CVE-2025-54387 via ipx (>=1.0.0-2 <=1.1.0)

ipx NPM version =1.0.0-2, =0.0.1, =0.0.2-beta.0, =0.1.0, =1.0.0-27821548.ab054e4, =0.0.3, =0.0.4-beta-6 Source cves: CVE-2025-54387 Source advisory: SNYK:JS-IPX-11483961...

CVSS 9.8 · AI score 5.8 · EPSS 0.00971 · Exploits: 1
vulnersOsv · added 2025/08/05 1:42 a.m. · 3 views

@mastra/deployer-netlify (>=0.0.0-a2a-20250421213654 <=0.10.5), @rr0/cms (>=0.3.23 <=0.3.29) +14 more potentially affected by CVE-2025-54387 via ipx (>=2.0.1 <=2.1.0)

ipx NPM version =2.0.1, =0.0.0-a2a-20250421213654, =0.3.23, =1.1.6, =4.0.0, =2.0.3, =0.0.23, =1.0.0, =1.0.2, =21.5.0, =17.4.0, =0.0.7, =0.0.13 - tmp-package-registry =1.0.0 and more Source cves: CVE-2025-54387 Source advisory: SNYK:JS-IPX-11483961...

CVSS 9.8 · AI score 5.8 · EPSS 0.00971 · Exploits: 1
NVD · added 2025/08/05 1:15 a.m. · 5 views

CVE-2025-54387

IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path...

CVSS 9.8 · EPSS 0.00971 · Exploits: 1 · References: 5
Vulnrichment · added 2025/08/05 12:10 a.m. · 2 views

CVE-2025-54387 IPX is Vulnerable to Path Traversal via Prefix Matching Bypass

IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path...

CVSS 6.9 · AI score 6.1 · EPSS 0.00971 · Exploits: 1 · References: 5
CVE · added 2025/08/05 12:10 a.m. · 15 views

CVE-2025-54387

IPX is an image optimizer (UnJS) vulnerable to a path-prefix bypass in its directory-check logic. Affected versions: 1.3.1 and earlier; 2.0.0-0 to 2.1.0; 3.0.0 to 3.1.0. The vulnerability allows bypassing allowed-directory checks via raw prefix comparison, potentially enabling access to files out...

CVSS 9.8 · AI score 6.3 · EPSS 0.00971 · Exploits: 1 · References: 5 · Affected Software: 1
vulnersOsv · added 2025/08/04 2:48 p.m. · 1 views

netlify (=22.3.0), netlify-cli (>=22.2.2-pre.dd189fc <=22.3.0-pre.81558e5) potentially affected by CVE-2025-54387 via ipx (=3.0.3)

ipx NPM version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on ipx and may be impacted:
- netlify =22.3.0
- netlify-cli =22.2.2-pre.dd189fc, =22.3.0-pre.81558e5
Source cves: CVE-2025-54387 Source advisory: OSV:GHSA-MM3P-J368-7JCR...

CVSS 9.8 · AI score 5.8 · EPSS 0.00971 · Exploits: 1
vulnersOsv · added 2025/08/04 2:48 p.m. · 3 views

@mastra/deployer-netlify (>=0.0.0-a2a-20250421213654 <=0.10.5), @rr0/cms (>=0.3.23 <=0.3.29) +14 more potentially affected by CVE-2025-54387 via ipx (>=2.0.1 <=2.1.0)

ipx NPM version =2.0.1, =0.0.0-a2a-20250421213654, =0.3.23, =1.1.6, =4.0.0, =2.0.3, =0.0.23, =1.0.0, =1.0.2, =21.5.0, =17.4.0, =0.0.7, =0.0.13 - tmp-package-registry =1.0.0 and more Source cves: CVE-2025-54387 Source advisory: OSV:GHSA-MM3P-J368-7JCR...

CVSS 9.8 · AI score 5.8 · EPSS 0.00971 · Exploits: 1
Vulnrichment · added 2022/09/23 7:55 a.m. · 4 views

CVE-2022-39239 netlify-ipx subject to Server-Side Request Forgery and Stored Cross-Site Scripting via Cache Poisoning and Improper Host Validation

netlify-ipx is an on-demand image optimization for Netlify using ipx. In versions prior to 1.2.3, an attacker can bypass the source image domain allowlist by sending specially crafted headers, causing the handler to load and return arbitrary images. Because the response is cached globally, this...

CVSS 6.1 · AI score 6.2 · EPSS 0.00179 · Exploits: 0 · References: 1
Positive Technologies · added 2022/09/21 12:00 a.m. · 2 views

PT-2022-24833 · Netlify · Netlify-Ipx

Name of the Vulnerable Software and Affected Versions: netlify-ipx versions prior to 1.2.3 Description: The issue allows an attacker to bypass the source image domain allowlist by sending specially crafted headers, causing the handler to load and return arbitrary images. Because the response is...

CVSS 6.1 · AI score 5.6 · EPSS 0.00179 · Exploits: 0 · References: 10