GHSA-xf8x-j4p2-f749

Source
https://github.com/advisories/GHSA-xf8x-j4p2-f749
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/08/GHSA-xf8x-j4p2-f749/GHSA-xf8x-j4p2-f749.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-xf8x-j4p2-f749
Aliases
Related
Published
2025-08-19T15:40:31Z
Modified
2025-08-19T21:41:46Z
Severity
  • 6.4 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N CVSS Calculator
Summary
Astro allows unauthorized third-party images in _image endpoint
Details

Summary

In affected versions of astro, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served.

Details

On-demand rendered sites built with Astro include an /_image endpoint which returns optimized versions of images.

The /_image endpoint is restricted to processing local images bundled with the site and also supports remote images from domains the site developer has manually authorized (using the `image.domains` or `image.remotePatterns` options).

However, a bug in impacted versions of astro allows an attacker to bypass the third-party domain restrictions by using a protocol-relative URL as the image source, e.g. /_image?href=//example.com/image.png.

Proof of Concept

  1. Create a new minimal Astro project (astro@5.13.0).

  2. Configure it to use the Node adapter (@astrojs/node@9.1.0 — newer versions are not impacted):

    // astro.config.mjs
    import { defineConfig } from 'astro/config';
    import node from '@astrojs/node';

    export default defineConfig({
      adapter: node({ mode: 'standalone' }),
    });

  3. Build the site by running astro build.

  4. Run the server, e.g. with astro preview.

  5. Append /_image?href=//placehold.co/600x400 to the preview URL, e.g. http://localhost:4321/_image?href=//placehold.co/600x400

  6. The site will serve the image from the unauthorized placehold.co origin.
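The bypass described above comes down to how the `href` parameter is classified as local or remote. The following is an added example, not Astro's own code: a naive check that only treats scheme-prefixed URLs as remote lets a protocol-relative `//host/path` through, while resolving the value against the site's own origin first classifies it correctly. `SITE_ORIGIN`, `ALLOWED_DOMAINS` and both function names are assumptions constructed for this illustration.

```javascript
// Added example (not Astro's implementation). Names and values are constructed.
const SITE_ORIGIN = 'http://localhost:4321';      // site origin, as in the PoC
const ALLOWED_DOMAINS = ['images.example'];       // stands in for image.domains

// Naive classification: a value is "remote" only if it starts with http(s).
// Anything else is assumed to be a local, bundled asset and is allowed.
function isAllowedNaive(href) {
  const isRemote = /^https?:\/\//i.test(href);
  if (!isRemote) return true;                      // "//placehold.co/..." lands here
  return ALLOWED_DOMAINS.includes(new URL(href).hostname);
}

// Resolve the value against the site's own origin first. A protocol-relative
// "//host/path" then becomes an absolute URL on that host and is checked
// against the allowlist like any other remote image.
function isAllowedResolved(href) {
  let url;
  try {
    url = new URL(href, SITE_ORIGIN);
  } catch {
    return false;                                  // unparseable: refuse
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return false;
  if (url.origin === new URL(SITE_ORIGIN).origin) return true; // local asset
  return ALLOWED_DOMAINS.includes(url.hostname);
}
```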

Impact

Allows an unauthorized third party to create URLs on an impacted site's origin that serve unauthorized image content. In the case of SVG images, this could include the risk of cross-site scripting (XSS) if a user followed a link to a maliciously crafted SVG.

Database specific
{
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed_at": "2025-08-19T15:40:31Z",
    "github_reviewed": true,
    "nvd_published_at": "2025-08-19T19:15:36Z"
}
References

Affected packages

npm / astro

Package

Affected ranges

Type
SEMVER
Events
Introduced
5.0.0-alpha.0
Fixed
5.13.2

Database specific

{
    "last_known_affected_version_range": "<= 5.13.0"
}

npm / @astrojs/node

Package

Name
@astrojs/node
Purl
pkg:npm/%40astrojs/node

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
9.1.1

Database specific

{
    "last_known_affected_version_range": "<= 9.1.0"
}

npm / astro

Package

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.16.19

Database specific

{
    "last_known_affected_version_range": "<= 4.16.18"
}