How to fix CVE-2025-58179?

Within 30 days: Identify all affected systems and apply vendor patches as part of regular patch cycle. Implement egress filtering and URL validation for server-side requests.

Is Astrojs Cloudflare affected by CVE-2025-58179?

Organizations using Astro face moderate risk from CVE-2025-58179, a server-side request forgery vulnerability rated CVSS 7.2. Attackers could trick authenticated users into performing unintended actions, potentially modifying critical settings or data.

CVE-2025-58179

HIGH

2025-09-05 [email protected]

7.2

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:10 vuln.today

Patch Released

Mar 28, 2026 - 19:10 nvd

Patch available

PoC Detected

Dec 22, 2025 - 20:08 vuln.today

Public exploit code

CVE Published

Sep 05, 2025 - 00:15 nvd

HIGH 7.2

Description

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URLs it receives, allowing content from unauthorized third-party domains to be served. a A bug in impacted versions of the @astrojs/cloudflare adapter for deployment on Cloudflare’s infrastructure, allows an attacker to bypass the third-party domain restrictions and serve any content from the vulnerable origin. This issue is fixed in version 12.6.6.

Analysis

Astro is a web framework for content-driven websites. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Technical Context

This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URLs it receives, allowing content from unauthorized third-party domains to be served. a A bug in impacted versions of the @astrojs/cloudflare adapter for deployment on Cloudflare’s infrastructure, allows an attacker to bypass the third-party domain restrictions and serve any content from the vulnerable origin. This issue is fixed in version 12.6.6. Affected products include: Astro \@Astrojs\/Cloudflare. Version information: through 12.6.5.

Affected Products

Astro \@Astrojs\/Cloudflare.

Remediation

A vendor patch is available. Apply the latest security update as soon as possible. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.3

CVSS: +36

POC: +20

CVE-2025-58179 vulnerability details – vuln.today

Back

CVE-2025-58179

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-58179

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code