astro
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Security Advisories for astro in npm
Moderate
5 days ago
Astro Cloudflare adapter has Stored Cross Site Scripting vulnerability in /_image endpoint
npm
astro
Moderate
5 days ago
Astro's middleware authentication checks based on url.pathname can be bypassed via url encoded values
npm
astro
Moderate
11 days ago
Astro vulnerable to URL manipulation via headers, leading to middleware and CVE-2025-61925 bypass
npm
astro
Low
11 days ago
Astro development server error page vulnerable to reflected Cross-site Scripting
npm
astro
High
27 days ago
Astro's bypass of image proxy domain validation leads to SSRF and potential XSS
npm
astro
Moderate
3 months ago
Astro allows unauthorized third-party images in _image endpoint
npm
astro, @astrojs/node
Moderate
4 months ago
Astros's duplicate trailing slash feature leads to an open redirection security issue
npm
astro
High
11 months ago
Astro's server source code is exposed to the public if sourcemaps are enabled
npm
astro
Moderate
about 1 year ago
DOM Clobbering Gadget found in astro's client-side router that leads to XSS
npm
astro