Astro's bypass of image proxy domain validation leads to SSRF and potential XSS

Description

This is a patch bypass of CVE-2025-58179 in commit 9ecf359. The fix blocks http://, https:// and //, but can be bypassed using backslashes (\) - the endpoint still issues a server-side fetch.

Recommendation

Update the astro package to the latest compatible version. Followings are version details:

• Affected version(s): >= 5.13.4, < 5.13.10
• Patched version(s): 5.13.10

References

• GHSA-qcpr-679q-rhm2
• CVE-2025-59837
• CWE-79
• CWE-918
• CAPEC-310
• OWASP 2021-A10
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF - CVE-2025-62718
• webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects → SSRF + cache persistence - CVE-2025-68157
• Astro Cloudflare adapter has Stored Cross-site Scripting vulnerability in /_image endpoint - CVE-2025-65019
• webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior - CVE-2025-68458

You might also like:

CSRF, XXE, and 12 Other Security Acronyms Explained

How to Secure your NodeJs Express Javascript Application - part 1

Apache and Express Path Traversal plus Nginx Restriction Bypass Tests with SmartScanner

Tags:

npm

astro