GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
Atro CSRF Middleware Bypass (security.checkOrigin)
Moderate
CVE-2024-56140
was published
for
astro
(npm)
Dec 18, 2024
Astros's duplicate trailing slash feature leads to an open redirection security issue
Moderate
CVE-2025-54793
was published
for
astro
(npm)
Aug 7, 2025
@astrojs/node's trailing slash handling causes open redirect issue
Moderate
CVE-2025-55207
was published
for
@astrojs/node
(npm)
Aug 15, 2025
Astro allows unauthorized third-party images in _image endpoint
Moderate
CVE-2025-55303
was published
for
@astrojs/node
(npm)
Aug 19, 2025
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter
High
CVE-2025-58179
was published
for
@astrojs/cloudflare
(npm)
Sep 4, 2025
Astro Development Server has Arbitrary Local File Read
Low
CVE-2025-64757
was published
for
astro
(npm)
Nov 19, 2025
ProTip!
Advisories are also available from the
GraphQL API