Vulnerabilidades em withastro
30 resultadosCVE-2025-65019MEDIUMAstro Cloudflare adapter has a Stored Cross Site Scripting vulnerability in /_image endpointEPSS 0.2%CVE-2024-56140MEDIUMBypass of CSRF Middleware in AstroEPSS 0.2%CVE-2025-64745LOWAstro development server error page vulnerable to reflected Cross-site ScriptingEPSS 0.2%CVE-2026-41321LOW@astrojs/cloudflare: SSRF via redirect following in Cloudflare image-binding-transform endpointEPSS 0.2%CVE-2026-54299HIGHAstro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)EPSS 0.2%CVE-2026-41067MEDIUMAstro: XSS via incomplete `</script>` sanitization in `define:vars` allows case-insensitive and whitespace-based bypassEPSS 0.2%CVE-2026-54300MEDIUM@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN configEPSS 0.2%CVE-2026-50146HIGHAstro: Reflected XSS via unescaped slot nameEPSS 0.2%CVE-2026-54298MEDIUMAstro: XSS via Unescaped Attribute Names in Spread PropsEPSS 0.2%CVE-2026-45028LOWAstro: Server island encrypted parameters vulnerable to cross-component replayEPSS 0.1%