ByteOS Network

NVD Vulnerability Details :

CVE-2026-54300

Received

Source-security-advisories@github.com

Published At-22 Jun, 2026 | 19:17

Updated At-23 Jun, 2026 | 15:16

@astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify converts Astro image.remotePatterns into Netlify Image CDN images.remote_images regular expressions with broader semantics than Astro's canonical matcher. A single wildcard hostname such as *.example.com is converted to an optional subdomain regex, so the apex host matches. A single wildcard pathname such as /ok/* is converted without end anchoring, so deeper paths match by prefix. This vulnerability is fixed in 7.0.13.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
			N/A

Type: Secondary

Version: 3.1

Base score: 5.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Type: N/A

Version:

Base score:

Base severity: N/A

Vector:

Weaknesses

CWE ID	Type	Source
CWE-918	Secondary	security-advisories@github.com

CWE ID: CWE-918

Type: Secondary

Source: security-advisories@github.com

References

Hyperlink	Source	Resource
https://github.com/withastro/astro/security/advisories/GHSA-529g-xq4f-cw38	security-advisories@github.com	N/A
https://github.com/withastro/astro/security/advisories/GHSA-529g-xq4f-cw38	134c704f-9b21-4f2e-91b3-4a467353bcc0	N/A

Hyperlink: https://github.com/withastro/astro/security/advisories/GHSA-529g-xq4f-cw38

Source: security-advisories@github.com

Resource: N/A

Hyperlink: https://github.com/withastro/astro/security/advisories/GHSA-529g-xq4f-cw38

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History