CNNVD-202508-1868 Information

CNNVD ID

CNNVD-202508-1868

Related CVE

CVE-2025-55207

• CNNVD Published: 2025-08-15

Description (Chinese)

Astro是Astro开源的一个内容驱动网站的 web 框架。 Astro 9.4.1之前版本存在输入验证错误漏洞，该漏洞源于重定向功能存在缺陷，可能导致开放重定向攻击。

Description (English)

Astro is the web framework for a content-driven site that is open to Astro. The previous version of Astro 9.4.1 had an input verification error loophole, which stemmed from deficiencies in the redirective function that could lead to open redirective attacks.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

Astro

Published

2025-08-15

Last Modified

2026-02-24

References

https://github.com/withastro/astro/security/advisories/GHSA-9x9c-ghc5-jhw9 https://github.com/withastro/astro/commit/5fc3c599cacb0172cc7d8e1202a5f2e8685d7ef2 https://access.redhat.com/security/cve/cve-2025-55207 https://nvd.nist.gov/vuln/detail/CVE-2025-55207

Patch

https://github.com/withastro/astro/releases