Lucene search
K

6 matches found

Veracode
Veracode
added 2025/09/05 10:12 a.m.4 views

Open Redirection

@astrojs/node is vulnerable to Open Redirection. The vulnerability is due to incorrect handling of double slashes with the Node deployment adapter in standalone mode and trailingSlash set to "always," allowing attackers to redirect users to malicious domains...

6.9CVSS6.9AI score0.00534EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2025/08/15 4:52 p.m.9 views

@astrojs/node's trailing slash handling causes open redirect issue

Summary Following https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw, there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios. Details Astro 5.12.8 fixed a case where https://example.com//astro.build/press would redirect to the external origi...

6.9CVSS7.2AI score0.00534EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/08/15 4:52 p.m.4 views

GHSA-9X9C-GHC5-JHW9 @astrojs/node's trailing slash handling causes open redirect issue

Summary Following https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw, there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios. Details Astro 5.12.8 fixed a case where https://example.com//astro.build/press would redirect to the external origi...

6.9CVSS7.2AI score0.00534EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/15 3:13 p.m.13 views

CVE-2025-55207 @astrojs/node's trailing slash handling causes open redirect issue

Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the...

6.9CVSS0.00534EPSS
Exploits0References2
CVE
CVE
added 2025/08/15 3:13 p.m.16 views

CVE-2025-55207

Astro CVE-2025-55207 describes an Open Redirect vulnerability in certain Astro deployment scenarios. Specifically, when using the Node deployment adapter in standalone mode with trailingSlash set to "always", URLs like https://example.com//astro.build/press can redirect to //astro.build/press, en...

6.9CVSS6AI score0.00534EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.5 views

PT-2025-33494 · Astro · Astro

Name of the Vulnerable Software and Affected Versions: Astro versions prior to 9.4.1 Description: Astro is a web framework for content-driven websites. An open redirect vulnerability exists in certain Astro deployment scenarios. Specifically, when using the Node deployment adapter in standalone...

6.9CVSS7.1AI score0.00534EPSS
Exploits0References8
Rows per page
Query Builder