Security Advisories for @astrojs/node in npm
Moderate
about 1 month ago
Astro: Cache Poisoning due to incorrect error handling when if-match header is malformed
npm
@astrojs/node
Moderate
2 months ago
Astro: Memory exhaustion DoS due to missing request body size limit in Server Islands
npm
@astrojs/node
Moderate
3 months ago
Astro has memory exhaustion DoS due to missing request body size limit in Server Actions
npm
@astrojs/node
Moderate
3 months ago
Astro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSize
npm
@astrojs/node
Moderate
3 months ago
Astro has Full-Read SSRF in error rendering via Host: header injection
npm
@astrojs/node
Potential
High
7 months ago
Astro's bypass of image proxy domain validation leads to SSRF and potential XSS
npm
astro
Potential
Potential
High
9 months ago
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter
npm
@astrojs/cloudflare
Moderate
10 months ago
Astro allows unauthorized third-party images in _image endpoint
npm
astro, @astrojs/node
Moderate
10 months ago
@astrojs/node's trailing slash handling causes open redirect issue
npm
@astrojs/node
Potential
Moderate
10 months ago
Astros's duplicate trailing slash feature leads to an open redirection security issue
npm
astro
Potential
High
over 1 year ago
Astro's server source code is exposed to the public if sourcemaps are enabled
npm
astro
Potential
Potential
Moderate
over 1 year ago
DOM Clobbering Gadget found in astro's client-side router that leads to XSS
npm
astro