2 matches found
Astro 代码问题漏洞
Astro is an Astro open source web framework for content-driven websites. A code issue vulnerability exists in Astro versions 11.0.3 through 12.6.5 that stems from the presence of SSRF in the Cloudflare adapter, which could allow bypassing third-party domain restrictions...
CVE-2025-58179
Astro exposes an SSRF flaw in versions 11.0.3–12.6.5 when using the Cloudflare adapter with output: 'server' and the default imageService: 'compile'. The image optimization endpoint does not validate received URLs, enabling content from unauthorized third-party domains to be served. Root cause: a...