Astro Astrojs Node vulnerabilities
4 known vulnerabilities affecting astro/astrojs_node.
Total CVEs: 4
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH: 4
Vulnerabilities
CVE-2026-25545 | P2 | HIGH | CVSS 8.6 | PoC | fixed in 9.5.4 | 2026-02-24
CVE-2026-25545 [HIGH] CWE-918
Astro is a web framework. Prior to version 9.5.4, Server-Side Rendered pages that return an error with a prerendered custom error page (e.g. `404.astro` or `500.astro`) are vulnerable to SSRF. If the `Host:` header is changed to an attacker's server, it will be fetched on `/500.html` and they can redirect this to any internal URL to read the response b
nvd
CVE-2026-27829 | P3 | HIGH | CVSS 7.2 | affected: ≥ 9.0.0, < 9.5.4 | 2026-02-26
CVE-2026-27829 [HIGH] CWE-918
Astro is a web framework. In versions 9.0.0 through 9.5.3, a bug in Astro's image pipeline allows bypassing `image.domains` / `image.remotePatterns` restrictions, enabling the server to fetch content from unauthorized remote hosts. Astro provides an `inferSize` option that fetches remote images at render time to determine their dimensions. Remote imag
nvd
CVE-2026-27729 | P3 | HIGH | CVSS 7.5 | affected: ≥ 9.0.0, < 9.5.4 | 2026-02-24
CVE-2026-27729 [HIGH] CWE-770
Astro is a web framework. In versions 9.0.0 through 9.5.3, Astro server actions have no default request body size limit, which can lead to memory exhaustion DoS. A single large POST to a valid action endpoint can crash the server process on memory-constrained deployments. On-demand rendered sites built with Astro can define server actions, which autom
nvd
CVE-2026-29772 | P3 | HIGH | CVSS 7.5 | affected: ≥ 9.0.0, < 10.0.0 | 2026-03-24
CVE-2026-29772 [HIGH] CWE-770
Astro is a web framework. Prior to version 10.0.0, Astro's Server Islands POST handler buffers and parses the full request body as JSON without enforcing a size limit. Because JSON.parse() allocates a V8 heap object for every element in the input, a crafted payload of many small JSON objects achieves ~15x memory amplification (wire bytes to heap bytes
nvd