Package impact
npm / @astrojs/cloudflare
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41321 | unknown | — | — | 1mo ago | Cloudflare has SSRF via redirect following through its image-binding-transform endpoint (incomplete fix for GHSA-qpr4) | |||
| CVE-2025-58179 | unknown | — | — | 9mo ago | Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter |