Astro has Full-Read SSRF in error rendering via Host: header injection
Severity: Medium
Description
Server-side rendered pages that return an error with a prerendered custom error page (e.g. 404.astro or 500.astro) are vulnerable to SSRF. If the Host: header is changed to an attacker's server, the server fetches /500.html from that host; the attacker can redirect this request to any internal URL and read the response body through the first request.
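The risk described above comes from building a server-side fetch URL out of a request header the client controls. The following is an added example (not Astro's or @astrojs/node's code) of the defensive pattern: the origin used for loading a prerendered error page comes from deploy-time configuration, and the incoming Host header is only accepted when it matches an allowlist of hosts the deployment serves. `ALLOWED_HOSTS`, `CONFIGURED_ORIGIN`, and the function names are hypothetical; the sample hostnames are constructed.

```javascript
// Added example, not the project's own code: keep the Host header out of
// any URL the server fetches for itself.

// Hypothetical allowlist of hostnames this deployment is known to serve.
const ALLOWED_HOSTS = new Set(["example.com", "www.example.com"]);
// Hypothetical canonical origin set at deploy time, not taken from requests.
const CONFIGURED_ORIGIN = "https://example.com";

// Return the trimmed Host header only if it names an allowlisted host
// (an optional :port is permitted); anything else yields null.
function validateHostHeader(hostHeader, allowedHosts = ALLOWED_HOSTS) {
  if (typeof hostHeader !== "string" || hostHeader.length === 0) return null;
  const value = hostHeader.trim();
  // Accept only plain host[:port]; paths, schemes or userinfo are rejected.
  const m = /^([a-z0-9.-]+)(?::\d{1,5})?$/i.exec(value);
  if (!m) return null;
  const host = m[1].toLowerCase();
  return allowedHosts.has(host) ? value : null;
}

// Build the URL used to load a prerendered error page such as /500.html.
// The origin comes from configuration, never from the request, so a forged
// Host header cannot point this fetch at another server.
function errorPageUrl(statusCode, configuredOrigin = CONFIGURED_ORIGIN) {
  const url = new URL(`/${statusCode}.html`, configuredOrigin);
  // Defensive check: the resolved URL must remain on the configured origin.
  if (url.origin !== new URL(configuredOrigin).origin) {
    throw new Error("error page URL escaped the configured origin");
  }
  return url.href;
}

// Decide how a request with the given Host header is handled before any
// internal fetch happens: unknown hosts get 421 Misdirected Request and
// never reach the error-page fetch at all.
function handleRequestHost(hostHeader) {
  const host = validateHostHeader(hostHeader);
  if (host === null) {
    return { status: 421, errorPage: null };
  }
  return { status: 200, errorPage: errorPageUrl(500) };
}

// Constructed sample Host values, not captured traffic.
console.log(handleRequestHost("example.com"));          // served, fetch stays on configured origin
console.log(handleRequestHost("example.com:8080"));     // port is allowed, host still allowlisted
console.log(handleRequestHost("unknown.example.net"));  // not served: 421, no internal fetch
```

The two controls are independent: even if the allowlist were misconfigured, `errorPageUrl` never consults the request, so the internal fetch target cannot be steered by a client. Logging 421 responses gives defenders a cheap signal for Host-header tampering attempts.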
Recommendation
Update the @astrojs/node package to the latest compatible version. Version details:
- Affected version(s): < 9.5.4
- Patched version(s): 9.5.4
References
Related Issues
- Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain - CVE-2026-40175
- Astro: Cache Poisoning due to incorrect error handling when if-match header is malformed - CVE-2026-41322
- SillyTavern has Authentication Bypass via SSO Header Injection - CVE-2026-44649
- Payload has an SQL Injection via Query Handling - CVE-2026-34747
Tags: npm, @astrojs/node
Last updated on March 30, 2026