CVE-2025-55303

MEDIUM6.1EPSS 0.13%

Astro allows unauthorized third-party images in _image endpoint

Published: 8/19/2025Modified: 11/27/2025

Description

### Summary In affected versions of `astro`, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. ### Details On-demand rendered sites built with Astro include an `/_image` endpoint which returns optimized versions of images. The `/_image` endpoint is restricted to processing local images bundled with the site and also supports remote images from domains the site developer has manually authorized (using the [`image.domains`](https://docs.astro.build/en/reference/configuration-reference/#imagedomains) or [`image.remotePatterns`](https://docs.astro.build/en/reference/configuration-reference/#imageremotepatterns) options). However, a bug in impacted versions of `astro` allows an attacker to bypass the third-party domain restrictions by using a protocol-relative URL as the image source, e.g. `/_image?href=//example.com/image.png`. ### Proof of Concept 1. Create a new minimal Astro project (`[email protected]`). 2. Configure it to use the Node adapter (`@astrojs/[email protected]` — newer versions are not impacted): ```js // astro.config.mjs import { defineConfig } from 'astro/config'; import node from '@astrojs/node'; export default defineConfig({ adapter: node({ mode: 'standalone' }), }); ``` 3. Build the site by running `astro build`. 4. Run the server, e.g. with `astro preview`. 5. Append `/_image?href=//placehold.co/600x400` to the preview URL, e.g. <http://localhost:4321/_image?href=//placehold.co/600x400> 6. The site will serve the image from the unauthorized `placehold.co` origin. ### Impact Allows a non-authorized third-party to create URLs on an impacted site’s origin that serve unauthorized image content. In the case of SVG images, this could include the risk of cross-site scripting (XSS) if a user followed a link to a maliciously crafted SVG.

Affected packages (2)

npm/astro>= 5.0.0-alpha.0, < 5.13.2
npm/@astrojs/nodefrom 0, < 9.1.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 4.0	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Affected packages (2)

CVSS scores

References (4)