Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

astro

npm

Astro is a modern site builder with web best practices, performance, and DX front-of-mind.

View on github.com · View on npmjs.org

Security Advisories for astro in npm

High
4 days ago

Astro's bypass of image proxy domain validation leads to SSRF and potential XSS GSA_kwCzR0hTQS1xY3ByLTY3OXEtcmhtMs4ABN8I

npm astro
Moderate
22 days ago

Astro's `X-Forwarded-Host` is reflected without validation GSA_kwCzR0hTQS01ZmY1LTlmY3ctdmc4OM4ABNQ_

npm astro
Moderate
2 months ago

Astro allows unauthorized third-party images in _image endpoint GSA_kwCzR0hTQS14Zjh4LWo0cDItZjc0Oc4ABLM1

npm astro, @astrojs/node
Moderate
3 months ago

Astros's duplicate trailing slash feature leads to an open redirection security issue GSA_kwCzR0hTQS1jcThjLXh2NjYtMzZnd84ABK2p

npm astro
High
11 months ago

Astro's server source code is exposed to the public if sourcemaps are enabled GSA_kwCzR0hTQS00OXc2LTczY3ctY2hqcs4ABCoF

npm astro
Moderate
11 months ago

Atro CSRF Middleware Bypass (security.checkOrigin) GSA_kwCzR0hTQS1jNHB3LTMzaDMtMzV4d84ABCjF

npm astro
Moderate
about 1 year ago

DOM Clobbering Gadget found in astro's client-side router that leads to XSS GSA_kwCzR0hTQS1tODV3LTNoOTUtaGNmOc4ABAQP

npm astro

Filter by Severity

Moderate 5 High 2