### Critical Vulnerability Information

#### Vulnerability Name

Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter

#### Affected Versions

- Affected Versions: >=11.0.3
- Fixed Versions: >=12.6.6

#### Description

When using Astro's Cloudflare adapter (@astrojs/cloudflare) configured with `output: 'server'` and the default `imageService: 'compile'`, the generated image optimization endpoint does not validate the URLs it receives, allowing content from unauthorized third-party domains to be served.

#### Details

- Sites built with Astro that use on-demand rendering include an `_image` endpoint that returns optimized versions of images.
- The `_image` endpoint is intended to process only local images bundled with the site and remote images from domains the site developer has explicitly authorized.
- However, affected versions of the @astrojs/cloudflare adapter, when deployed to Cloudflare infrastructure, allow attackers to bypass the third-party domain restriction and serve content from any compromised source.

#### PoC

1. Create a new minimal Astro project (astro@0.13.3)
2. Configure it with the Cloudflare adapter (@astrojs/cloudflare@12.6.5) and server output:

```javascript
// astro.config.mjs
import { defineConfig } from 'astro/config';
import cloudflare from '@astrojs/cloudflare';

export default defineConfig({
  output: 'server',
  adapter: cloudflare(),
});
```

3. Deploy to Cloudflare Pages or Workers
4. Append `/_image?href=https://placeholder.co/600x400` to the deployed URL
5. This serves a placeholder image from the unauthorized placeholder.co domain.

#### Impact

Enables unauthorized third parties to create URLs on the affected site's origin that serve unauthorized content. This includes the risk of Server-Side Request Forgery (SSRF), and potentially Cross-Site Scripting (XSS) if users click on maliciously crafted URLs.
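The missing control described above is an allow-list check on `href` before the endpoint fetches anything. The following is an added illustration, not code from the advisory or from the Astro project: `ALLOWED_REMOTE_DOMAINS` is a constructed sample standing in for the domains the site developer authorized in the Astro config, and `handleImageRequest` is a hypothetical stand-in for the `_image` handler.

```javascript
// Added example (not from the advisory or the Astro/@astrojs/cloudflare code).
// Constructed sample of the remote domains a site developer has authorized.
const ALLOWED_REMOTE_DOMAINS = ["images.example.com"];

// Decide whether an `href` may be fetched and optimized by the image endpoint.
// Returns true only for site-local asset paths or for http(s) URLs whose hostname
// exactly matches an authorized domain. Everything else is rejected, which is the
// behaviour the vulnerable adapter versions lacked.
function isAllowedImageHref(href, allowedDomains = ALLOWED_REMOTE_DOMAINS) {
  // Bundled site assets are root-relative paths. A protocol-relative "//host/..."
  // is deliberately not treated as local, since it would resolve to another origin.
  if (href.startsWith("/") && !href.startsWith("//")) return true;

  let url;
  try {
    url = new URL(href);
  } catch {
    return false; // neither a local path nor a parseable absolute URL
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return false;

  // Exact hostname match: suffix or userinfo tricks (evil.example.com.attacker.test,
  // https://images.example.com@attacker.test/) end up with a different hostname.
  return allowedDomains.includes(url.hostname);
}

// Hypothetical request handler mirroring the endpoint's decision, without the
// actual fetch/optimization step.
function handleImageRequest(requestUrl) {
  const href = new URL(requestUrl).searchParams.get("href");
  if (!href) return { status: 400, body: "missing href" };
  if (!isAllowedImageHref(href)) return { status: 403, body: "href not allowed" };
  return { status: 200, body: `would optimize ${href}` };
}
```

With this check in place, the PoC request for `https://placeholder.co/600x400` is refused with 403, while bundled assets and authorized domains still pass.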
#### Severity

- CVSS v3 Base Score: 7.2 / 10
- Attack Vector: Network
- Attack Complexity: Low
- Required Privileges: None
- User Interaction: None
- Scope: Changed
- Confidentiality: Low
- Integrity: Low
- Availability: None

#### CVE ID

CVE-2025-58179

#### Weaknesses

- CWE-79
- CWE-918