CVE-2025-58179

HIGH NUCLEI

@astrojs/cloudflare < 12.6.6 - SSRF

Title source: rule

Description

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URLs it receives, allowing content from unauthorized third-party domains to be served. a A bug in impacted versions of the @astrojs/cloudflare adapter for deployment on Cloudflare’s infrastructure, allows an attacker to bypass the third-party domain restrictions and serve any content from the vulnerable origin. This issue is fixed in version 12.6.6.

Exploits (1)

nomisec SCANNER 1 stars

by shitodcy · poc

https://github.com/shitodcy/CVE-2025-58179-Check

View Code ZIP pw:eip

Nuclei Templates (1)

Astro Cloudflare Adapter - Server Side Request Forgery

HIGHby HoangAnhThai

References (2)

[Patch] https://github.com/withastro/astro/commit/9ecf3598e2b29dd74614328fde3047ea90e67252

[Exploit, Vendor Advisory] https://github.com/withastro/astro/security/advisories/GHSA-qpr4-c339-7vq8

Scores

CVSS v3 7.2

EPSS 0.0043

EPSS Percentile 62.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Details

CWE

CWE-918

Status published

Products (2)

astro/\@astrojs\/cloudflare 11.0.3 - 12.6.6

astrojs/cloudflare 11.0.3 - 12.6.6npm

Published Sep 05, 2025

Tracked Since Feb 18, 2026