Skip to content

chore(deps): update dependency astro to v5.15.9 [security] #129

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
renovate merged 1 commit into from
Nov 20, 2025
Merged

chore(deps): update dependency astro to v5.15.9 [security] #129

renovate merged 1 commit into from
Nov 20, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Nov 20, 2025

This PR contains the following updates:

Package Change Age Confidence
astro (source) 5.15.8 -> 5.15.9 age confidence

GitHub Vulnerability Alerts

CVE-2025-65019

Summary

When using Astro's Cloudflare adapter (@​astrojs/cloudflare) with output: 'server', the image optimization endpoint (/_image) contains a critical vulnerability in the isRemoteAllowed() function that unconditionally allows data: protocol URLs. This enables Cross-Site Scripting (XSS) attacks through malicious SVG payloads, bypassing domain restrictions and Content Security Policy protections.

Details

On-demand rendered sites built with Astro include an /_image endpoint for image optimization. While this endpoint is designed to restrict processing to local images and authorized remote domains (configured via image.domains or image.remotePatterns), a critical vulnerability exists in the underlying validation logic.

The isRemoteAllowed() function in packages/internal-helpers/src/remote.ts (lines 128-131) unconditionally allows ALL data: protocol URLs without any validation or sanitization. When combined with SVG images containing JavaScript, this creates a vector for XSS attacks.

Vulnerable Code:

/packages/ packages/internal-helpers/src/remote.ts lines 128-131
if (url.protocol === 'data:') {
    return true;  // ← Unconditionally allows ALL data: URLs!
}

The vulnerability manifests differently depending on the image endpoint implementation:

  • Safe implementation: Server processes SVG and converts to raster format (PNG/JPEG), removing JavaScript
  • Vulnerable implementation: Server redirects browser to raw SVG data URL, allowing JavaScript execution

PoC

  1. Create a new minimal Astro project (astro@latest)

  2. Configure it to use the Cloudflare adapter (@​astrojs/cloudflare@12.6.10)

  3. Deploy to Cloudflare Pages or Workers.

  4. Write page to load SVG Image like : SVG XSS Payload

  5. Open directly the SVG file to show an alert (in read scenarios, the apps that use the framework will use CDN for example, to load SVG, depending that the framework is secure)

Impact

  1. Stored XSS: Malicious URLs can be crafted to execute JavaScript in victim's browser
  2. Session Hijacking: JavaScript can access cookies and session tokens
  3. Account Takeover: Combined with CSRF, can perform unauthorized actions
  4. Data Exfiltration: Sensitive information can be stolen and sent to attacker-controlled servers

References

Release Notes

withastro/astro (astro)

v5.15.9

Compare Source

Patch Changes

  • #​14786 758a891 Thanks @​mef! - Add handling of invalid encrypted props and slots in server islands.

  • #​14783 504958f Thanks @​florian-lefebvre! - Improves the experimental Fonts API build log to show the number of downloaded files. This can help spotting excessive downloading because of misconfiguration

  • #​14791 9e9c528 Thanks @​Princesseuh! - Changes the remote protocol checks for images to require explicit authorization in order to use data URIs.

    In order to allow data URIs for remote images, you will need to update your astro.config.mjs file to include the following configuration:

    // astro.config.mjs
import { defineConfig } from 'astro/config';

export default defineConfig({
  images: {
    remotePatterns: [
      {
        protocol: 'data',
      },
    ],
  },
});

  • #​14787 0f75f6b Thanks @​matthewp! - Fixes wildcard hostname pattern matching to correctly reject hostnames without dots

    Previously, hostnames like localhost or other single-part names would incorrectly match patterns like *.example.com. The wildcard matching logic has been corrected to ensure that only valid subdomains matching the pattern are accepted.

  • #​14776 3537876 Thanks @​ktym4a! - Fixes the behavior of passthroughImageService so it does not generate webp.

  • Updated dependencies [9e9c528, 0f75f6b]:

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Dependency upgrades label Nov 20, 2025
@renovate renovate bot merged commit c1ed3c3 into main Nov 20, 2025
10 checks passed
@renovate renovate bot deleted the renovate/npm-astro-vulnerability branch November 20, 2025 05:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Dependency upgrades

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant