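Vulnerability Information
Although we use advanced large language model technology, its output may still contain inaccurate or outdated information. Shenlong strives to ensure the accuracy of the data, but please verify and judge it against your actual situation.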
Vulnerability Title
Astro: Remote allowlist bypass via unanchored matchPathname wildcard
Vulnerability Description
Astro is a web framework. From version 2.10.10 to before version 5.18.1, this issue concerns Astro's remotePatterns path enforcement for remote URLs used by server-side fetchers such as the image optimization endpoint. The path matching logic for /* wildcards is unanchored, so a pathname that contains the allowed prefix later in the path can still match. As a result, an attacker can fetch paths outside the intended allowlisted prefix on an otherwise allowed host. This issue has been patched in version 5.18.1.
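The unanchored-match flaw described above, modelled in JavaScript as an added example (it is not Astro's source and not part of the original record), with the unanchored matcher beside an anchored one. The function names, the sample host cdn.example.test, and the assumption that a trailing `/*` admits exactly one further path segment are illustrative.

```javascript
// Illustrative model of the flaw class; not Astro's code.
// Assumption: a pattern ending in "/*" allows exactly one more path segment.

// Unanchored: strips the allowed prefix wherever it occurs in the path,
// so a prefix that appears later in the path is accepted as well.
function matchUnanchored(pathname, pattern) {
  if (!pattern.endsWith('/*')) return pathname === pattern;
  const prefix = pattern.slice(0, -1); // "/img/*" -> "/img/"
  const rest = pathname.replace(prefix, '').split('/').filter(Boolean);
  return rest.length === 1;
}

// Anchored: the prefix must sit at the very start of the path, and what
// follows must be a single non-empty segment.
function matchAnchored(pathname, pattern) {
  if (!pattern.endsWith('/*')) return pathname === pattern;
  const prefix = pattern.slice(0, -1);
  if (!pathname.startsWith(prefix)) return false;
  const rest = pathname.slice(prefix.length);
  return rest.length > 0 && !rest.includes('/');
}

// Constructed sample URLs on a hypothetical allowlisted host.
const SAMPLES = [
  'https://cdn.example.test/img/logo.png',
  'https://cdn.example.test/private/img/report.png',
  'https://cdn.example.test/img/a/b.png',
  'https://cdn.example.test/other/logo.png',
  'https://cdn.example.test/img/',
];

// Run both matchers over the samples for one allowlist pattern.
function evaluate(pattern) {
  return SAMPLES.map((u) => {
    const { pathname } = new URL(u);
    return {
      pathname,
      unanchored: matchUnanchored(pathname, pattern),
      anchored: matchAnchored(pathname, pattern),
    };
  });
}

// Regression check: paths where the two matchers disagree.
function disagreements(pattern) {
  return evaluate(pattern)
    .filter((r) => r.unanchored !== r.anchored)
    .map((r) => r.pathname);
}

console.table(evaluate('/img/*'));
```

A check like `disagreements` can be kept as a regression test around any allowlist matcher: the list should be empty once the matcher under test is anchored.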
CVSS Information
N/A
Vulnerability Type
Improper Input Validation
Vulnerability Title
Astro Input Validation Error Vulnerability
Vulnerability Description
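Astro is an open-source web framework from Astro for content-driven websites. Astro versions from 2.10.10 to before 5.18.1 contain an input validation error vulnerability. The vulnerability stems from a flaw in the remotePatterns path matching logic, which may allow paths outside the allowed prefix to be fetched.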
CVSS Information
N/A
Vulnerability Type
N/A