OsVault/npm/@astrojs/node
npm

@astrojs/node

6 known vulnerabilities · 0 critical · 0 high

CVE-2026-29772

Astro: Memory exhaustion DoS due to missing request body size limit in Server Islands

Published Mar 24, 2026
CVE-2025-55303

Astro allows unauthorized third-party images in _image endpoint

Published Aug 19, 2025
CVE-2026-27829

Astro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSize

Published Feb 25, 2026
CVE-2026-25545

Astro has Full-Read SSRF in error rendering via Host: header injection

Published Feb 23, 2026
GHSA-c57f-mm3j-27q9

Astro: Cache Poisoning due to incorrect error handling when if-match header is malformed

Published Apr 23, 2026
CVE-2026-27729

Astro has memory exhaustion DoS due to missing request body size limit in Server Actions

Published Feb 25, 2026
Check your entire dependency tree at onceRun dependency scan →